hxxps://www[.]streamingscommunity[.]com/sgdbvrtve

Analysis

max time kernel
149s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
04/09/2024, 18:26

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://www.streamingscommunity.com/sgdbvrtve

Score

5^/10

discovery

Malware Config

Signatures

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133699480180670856"	chrome.exe

Suspicious behavior: EnumeratesProcesses 7 IoCs

pid	Process
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4672	chrome.exe
4672	chrome.exe
4672	chrome.exe
4672	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe
Token: SeShutdownPrivilege	4632	chrome.exe
Token: SeCreatePagefilePrivilege	4632	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe
4632	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4632 wrote to memory of 4704	4632	chrome.exe	83
PID 4632 wrote to memory of 4704	4632	chrome.exe	83
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 4052	4632	chrome.exe	84
PID 4632 wrote to memory of 3308	4632	chrome.exe	85
PID 4632 wrote to memory of 3308	4632	chrome.exe	85
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86
PID 4632 wrote to memory of 4216	4632	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.streamingscommunity.com/sgdbvrtve
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffadbaccc40,0x7ffadbaccc4c,0x7ffadbaccc58
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1956,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1840,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1708 /prefetch:3
  2⤵
  PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1904,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2248 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3996,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3648 /prefetch:1
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4464,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4772,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4800,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4812 /prefetch:8
  2⤵
  PID:4244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,13594509537198009017,7161703811687622719,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4672

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3584

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1100

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\01c40e6a-cae3-41cd-bb85-91677d955aa1.tmp

Filesize
9KB

MD5
889a8134cb30a6dfc6c5d60c31882633

SHA1
516d7b7cc877d83fb32a93ecf3d342a043cf70d7

SHA256
7d912b784cfc912c3785d4d3112bb3f4a0433b1cd4634bbaedb3c6de6803f6d4

SHA512
50160422797f30d0798042ea5ea4b7e9df1f49269005fbbb2a5fcd6e73a77eeeacef120ba9762e412be55f89c161d3e63c5b18c5cf09fb01549aee7165f333e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
23a21078a31cf2c86a17a8d5d10810ea

SHA1
acb86be6be9cdc54f711f1d9835d30ffbe8d2758

SHA256
1c10a832a336c8f9991d4c62e9c85005c1b51003a985c33546d5f5facc16a6de

SHA512
d4ad352c1846efc40c54a086e84c100db92b4641361427599483ee2750b8d9fe99ad330bc06f981324373a601ce9b537e69d4bc604bd15d9d668df8e12683980

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
5083e130478255645f88d3462b8c2657

SHA1
2d8d97f010bacc2b732d9f48366b8c4367f43985

SHA256
7a380ff58fec3942a6b122b121039d7aa51e0f9226fc0d784f42a73dc30f8df4

SHA512
acdde0addd6d147214a2f714d81ebb4a6871fe8abfb195895be84240f0cac639a51bb40e6cbaaea9d55473e49b202004bbae70d889c2592b0331c5bc662eb50a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
43c79d712b8d83b6bdf391a47689e868

SHA1
84f79dc425a60edb4027d611f689c828fce2542b

SHA256
adb13e852e45efa60eb558a66f7739f03a06e40c2acf4933faf656dbb3443a98

SHA512
041eda5ae2d161ea2a4dc6600578885cebff67c86a8a50cf9ca7064cccb044d947be0ce15438a8043eb82659f5bd3aea8196f2457a94a49354cc96e59b382528

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
ac8a6d6ab16e475e8ab38bae89c2ee1a

SHA1
8b11175e78e7dcce1fc2bf408c19ae15c95b4c57

SHA256
fecf9b04d366d7fec17e708d881d0fa2213efc6598c1991a534c164e6fe839ce

SHA512
312497b47fd5da81d488947a50bc8a4a9b2cd20e54b46eaf8fd72263225e20b151ca26607e900adee576687c4d7866656a3d064a34534647dedd9fa3bcf0e95e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ba2621b1a68519f5bccd9221899e77b3

SHA1
1ab428b8891f92b3d127bc1552084b03c9151d92

SHA256
0f3f4701f5c0748e053578ee0eb27cfebfdccb121831105630ee2efed1de11f0

SHA512
7d72409935977f86470cc1b1393d4023d49b3517b20be2be82f69149aa1fd53a6476d0a49f4ca1fc205f0e284d245d771a1ff1232485d9d30560fe1b946ff60b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6cd0194c6d7bd797ef382d0bb9c1222a

SHA1
f123e71a225e2e1f1dbdbdd230d91064676076d6

SHA256
aea7c29980750c5df3566d869f55cc61a5bbda529807e040995f61d5f1be7e7b

SHA512
ac3b68fc5f7a12adb2b8e52fd4b56dfc3f9d6a43552de09ab92df1c3edee26d6a6b9a65f62d664026c4ed275cd5b2ff54442a107e5f1872eff7ae4c3f0c3d254

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c67cd37016ea8180beaef2fa1d588032

SHA1
824d8b06887f3677c97470a13c6038a0b984fa3c

SHA256
d3edb87ec28552006eb6f41a8c42ed28052463700ac8b283ef65213b5dc56652

SHA512
2629e7ee730a791f86504c1cabfa4a7f5d660af13ecf34205b7d96fe05ef54560eaa247b778136bba8fd35fe024a239a68c18999777554be3f30ee281431e00a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fbb5a83afe5d2901e0c8af4e92c1822d

SHA1
7ecc604ef828d1e04d096926d87dbf35343c29a5

SHA256
b875e6565a4809eda5aff0f42a37ca759e65d9b839b00d75df5859a43bfbd0d4

SHA512
5563b34a142d5e1b05dc20d2eba9264f61a1dd95e05c6943794dfe3ebce0cc1613118084eeba5ed4799e09f2b8b2995bd34aa179308c3807d3e927f0d73138af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3e1367b74da2f26a54d053c0559cdf1b

SHA1
d3fbc291649c0dc0834bfc380b84a3a2071d71ec

SHA256
7e959d3ec47017a6546d352bba8f29cbc5bb36d7b41e76fe955c2d99c660aaaf

SHA512
5db9521674965da9bdf2e5edca658dffb757e020727ae23654627aa5978b555e6673a7ba5edc5aefcb6156d25a284bcd54e8403d902cd74e49f6339f9adcd7b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ce74d0b349ff6494ff794122cdd715e7

SHA1
294ddd120366bbd4a0ebc96eb5c877ddaf1960a1

SHA256
f257521df83ecbcdfd8e4dc30ee5f6970e6efa608e44379e5eaba7ff55130e44

SHA512
28f0bf8e7bb647bba41af1823c107fdaf632107dff7b13b646543e873636fdbc095bbe50f6f2ea561d72576ff3ca7d29cfdb9ee7fc22a451e523459d8cc16e80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f042d50b1b97097a0d4557f8d3f8be10

SHA1
9afec6b2bd9d581f6099c7f91ae84c3658e3b74a

SHA256
6e4fc51168c4491a19d0f988500fa3f081f931ead2471f5c6560d813661649b1

SHA512
ff240dfa98e22bb4f74f52253113ee43a4c846b21b98d448bec6fe11bf1482766e806d4ce3103d1d904293255013269126158c4a4423a429eee5f76985268bec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7eed8e584b43bb2431f3b4476b87dc82

SHA1
f13e4c68e8520e6b54959dbf19f0e5d38015acd6

SHA256
bb955c831b9cb4d923db107b18394339ce677805cb1af786dc000b6668d49d72

SHA512
557a4aeb26ddc297c9a854edeae1be7261ebdb8ebf369ef02b247109086a66cf94b2a41bc9d924f2ddcce90421bcd1eca65a61389d5752534142d503a1867570

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5a8451940afb465291fcd955f177bf4d

SHA1
6c46fd6010b2d1ff5f48f52bfde24deb32ea46ea

SHA256
a805cb7f5130a0284207dee6736db82f03165fe431d953d1a9c9227294e7d434

SHA512
4a81a8f4c7edd2b5411c3e2627a27e29fe595671870dffd18d9850de3a3e6a8dc700b88eebebe01776a05d69e623dbd482204023eb86bc9ecbf272f3e61e6730

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d3a534ff146b224e14c0de35181a5706

SHA1
4d93000121345006d9e01f0ac2fa095751388c08

SHA256
eb7818fc20f75380357084c48b5d1e722ff049608af84143edea13435d834ea8

SHA512
4986a40e09bf96127d8b9c970fb086ba78355eab3cae9b00ffb5cc9d1acf7af18a94b9b521fba16ec167872bb7f20ca826a93109d938ec187fb809a4397cc7b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
3abe6089c002d9de66d2fa47cf26f6c6

SHA1
d93915fadc8941d74dd9b3d55b221fcd5efebbf1

SHA256
f62f099a3a3ae0fabf4341e27eaeb73b4bb57f99eef38b6dcd9eca4be7f80df4

SHA512
7d9f69cda0e0859f95fba672b66cfac8f23c2e33392eca161f36bdcaefc202510af4240fded4d3653ee47a8a4343fd4fe36bafc05ace10022854b8f083be2209

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
7ee380a1cf1ac2e4d094a705e2894645

SHA1
5c99c1d8778593292b3b5fa58539c429af76d1a5

SHA256
42bc9626e8634dab3bdc75b2ca7d367f5b77b539a85a77fa4dc90487533b5108

SHA512
cd42ddff394567bcaef9f4ff044f2d09f00b5c21e0e1965d77a332108388a8646ab8dd107efcc3cff45ccb5eb97607246c121c8197f067cf5f8fc396b84e1f1c

Download Submit