hxxp://2m[.]ma/ar

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
13-09-2024 03:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://2m.ma/ar

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133706712018105670"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
5480	chrome.exe
5480	chrome.exe
5480	chrome.exe
5480	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: 33	5772	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5772	AUDIODG.EXE
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe
Token: SeShutdownPrivilege	2360	chrome.exe
Token: SeCreatePagefilePrivilege	2360	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe
2360	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 3076	2360	chrome.exe	90
PID 2360 wrote to memory of 3076	2360	chrome.exe	90
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 1488	2360	chrome.exe	91
PID 2360 wrote to memory of 808	2360	chrome.exe	92
PID 2360 wrote to memory of 808	2360	chrome.exe	92
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93
PID 2360 wrote to memory of 2860	2360	chrome.exe	93

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://2m.ma/ar
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffecf02cc40,0x7ffecf02cc4c,0x7ffecf02cc58
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1960,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1844,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1972 /prefetch:3
  2⤵
  PID:808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2256,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2268 /prefetch:8
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3080 /prefetch:1
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3048,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3104 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3648,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4020 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3056,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4428,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4760 /prefetch:1
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4932,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5484,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5640,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  PID:5720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6068,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6220 /prefetch:8
  2⤵
  PID:5332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=728,i,10823441957898193173,12027224849344889652,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6012 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5480

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4264

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4344,i,11391966286255097843,10588851088187498028,262144 --variations-seed-version --mojo-platform-channel-handle=4112 /prefetch:8
1⤵
PID:4412

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2c0 0x3f8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5772

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5148

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
445b1b253dade690a569f6cebd3dfe85

SHA1
94ce0fdb395b67b487740ebbfbfdcaf564b7740b

SHA256
226d2be9b5d3e05f0b195660c0109cbc1c64ef079585b8a1478c48fb0396a02e

SHA512
eff6d32e31c3265aca204b428777afdde1b46b821acc144038ef6349584130f02a21e4f03f89e6a15e36f3b4ec1bd4e7b37ec8cacf4ea20437f8edb2fdae24f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a2

Filesize
64KB

MD5
c86e1b32988ffbc37474c5ea5457a62e

SHA1
3b337c4d43ff0b4ff79f9bbcecff8143839c6cfe

SHA256
d94398ba2ed0b438809ec4203c64c002b4a0d960fbd34ab144b78fe7a49323fd

SHA512
58ac67c26bca36a29799d49ed95980a15b1e279282e425ce13620cbe93a8cff74e1c520b896f8e9545a6b7eb8266394547949d88ad96bcf2a879da65521e7f16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
37b71a52402c4fc56c02678a7a7c238d

SHA1
7620a5655b789a15e12ed893c9489dce629267ee

SHA256
d678a8fad5251c2bd85af3ebe6557b8d482388e57ba566de34b7ed6c87d5e778

SHA512
1d5cbdcb703d638cc2b8fc4f7c6df7cc902347e5d13f60f6fb4cfa1c1327c256feb7c1b94340600ce360e599fed4edb8a816cf7d7b8b4b25a6941a0e2fb28e58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
7d527d5d99736171804ef41ddd1fe5a7

SHA1
9d6c1ef44448b8af8a284c83b0d8e642d81368f9

SHA256
91b64983cd68935e0d2bfaf9603f38773b01db2b1399224dc1d4ca0fbce43437

SHA512
de2324786fd09a6f9e904a25666b0065487361ed0d8fe11d68bc7cfaefefc005d499bccbd827ef05c2b3a78d4ea5fe1d5291101cdedeb0e50479448011ece507

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
4ae1410b395fbecb148df79e8794d7c0

SHA1
081481f7d4afc699439b78b2cc0b3526995a9a03

SHA256
561f16a32c1fb2c3bc8c3b337edf5cccdc005ee02475b9604bf3cf9829b46469

SHA512
b5edbd217c175e67c56b70aefe31fd33a1e18ae823b0c42fdf23d25451dc0afd246dad9851439fa16b01307ef696dc2d204c6c5c68fcca52e51e43a850f51f95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
51d060615d93f98379b6516ab22d2575

SHA1
03130688be65c3d6d7778fd756d98b3ca319525d

SHA256
20e762a1a73519df950c30a5c16146a84fd2ac21151e35e861dd00287701edcf

SHA512
919b0030a9ec204e402d018d8ab9ed9ffd5ab329da7cca43ae7d047af05a197adc06aeb24b34b3e5a54279d941b9fcce1e91fc045c10955508639b6a37d86792

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
aa4272cc4381432df71c54dcb0ad75cd

SHA1
e0d040bb1462b6c2355ea5a26f49ce159c0f13f0

SHA256
ab500217fd9da83d8985f457e4ed62e553d2d08c1c421eabdba06287b1da0095

SHA512
1b054012d90bbe9f7d76733419ab94413094635a0f73f3db757b48bd67e4b61c1b1720e8e634271e2094c9979f23164b1e1cd0c1b545ca33dfebedc9309c13a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3c39a12ead0c0260a6803501a81020b1

SHA1
485f9c514651bcbd16370fb950f78609103a07c0

SHA256
3fea9894371c1a5ce3eb3fc745a4e9302e711b9aab7911e7a4f144f55b521069

SHA512
888330d25d270db6fc4c6144bd1bd68070b10b7ae46768b7e2c69375a497bbaf1a368fcd4dd154c91cb71c7df33a277de3c37de1a7deabd20e95d61e0d4d87c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b915a981f3d207b80b8cc3c39453ae68

SHA1
825daa5229cc4d7e20cda93dd91f6ff3f02748a1

SHA256
b7f2320f83d6fb9f785ddb8a704f84ad1d32d09facf8da6aeb879c484dbb8912

SHA512
5870c47b37b1b5d0139d576fc7d1f9014e14bbcf3ae86b9919bce67dc7cb99612638608b279e4baada3baa8bbe8ed7c675e1a85099c205e9c2a3c0761a76a6ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
86113192af2297330b75bcee0620d478

SHA1
fde0d3fc24efaa695cd594ec8ad874fdbc5f3ff6

SHA256
07aab5f2120462d91f1dc7216d6d4f02958148244e6cbf4b40efbe7618dd8198

SHA512
d6b5e6e25905d1087e283a9882ec84e25cdf27d478fe5029b3327de379e6d4f9b2e12cd0d939d2deaf6ceb12c4d0f6155ef1553c75beaae7d9f8496f0d2dd4da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f542539756a8169fe2ac475df5538c5c

SHA1
63e6b6d70d6469c76bb4de69de555c0b340ef9f1

SHA256
32211d3e6a570edac328cf0c244d2faf764a00f72098daac121e1da0af206984

SHA512
6469fa055a5784b84e869123c059fef9771c89bc39a86c626499298c5b4cf0b7a8ce45051431aaf5781ec7cb5d8fcb9369cd1e99ff5c6699f9814dd59213d0ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4fbfd9013b71fa04d8a7f15984cf7b35

SHA1
e037b197c54738ba1db9a7477d965e2bddc7c745

SHA256
88e4eed6bbffc6089e053b2ee0ecb1fc3f34774339da00dd5882acdf48328fdb

SHA512
8f90a9a1e1d8497dd32185618485069c8c15394592e6f323deb1aaee27a371e4cf2e1563e5732594df2dbcebc9c09f25d10df7a3e50a2893b04f49e0276975c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2d795e41757ca1309515f5dd35ed849d

SHA1
d77a84bc5223c9d020c43046e0ab92a33d41e74f

SHA256
79a1984d6895a953b5ebb9fd493b6f601aabe7379a45d9b66d464ac153999447

SHA512
3d655ae94215ef432049758f513bfdde37ca2cff35e9b982bfed0c8d7bb39d4e3ca9e84310361777f8fe2ead2fbd7f8d560931524478af56b149e27db2cc9052

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
93590a58e4d38077e72fc2e0085c013a

SHA1
82b578fc71c8961378895601bf816a702cd01e6f

SHA256
26b91a81f5dacb14f0b27de7e9fb5adb22c17ddecfc59f5a6815d6a9b03161c9

SHA512
fad1dfa00ff15b0572b149c4ac4260e41cc2927f119142d9986802e2f523636b416426dd10d9c6af4843c097f9e50d2666f339f560fe505aa772f87f71b01c72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
59663f57fcb0fb17a019cd2915e665f5

SHA1
a7a345a83e08157e8744fb8ff53b1a690df0950c

SHA256
5a8176e8f0921aae94c4d5cd30d136d8048507b44e6619b9141c367283ef5f8e

SHA512
bcd0cfe4798a97f40563a9a311340c70f9e0b7afeac729ef323de76c862a9ad5e152433a3eb4985027c85fc641f68e3b955bee79b02a51843825ed7f5431e2d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3bb9737e14c134af906c3fec47e26adb

SHA1
eafdec5a1f4e39f6e858e8b4fb05293486846761

SHA256
a55bb10468adee450b4ce8b426233ea5d1d6bf100337c886d74511cfd156bafb

SHA512
ac657ecc183ea2c5fac657864666d917c79f023dbda9ef1fd4fea35bface7b24c4b8f3347dd11082def43df8fde4dd7119a38aeab56d544289d1f815193dc20d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
29c12f98ca364a8b524a12e81b088d22

SHA1
151420efe433692767f4beba3a6aea4ab2cb24aa

SHA256
9bec8759bf457190beb1ea599fe2463b61410dea8f21bef4b36255b1f7584aad

SHA512
6bb07938b4d4c92cba7898c848be15a7b1e82ff5a9f4ca897eee57a658c9f2c59f0f6b25aafa2080130d70ef28e445e518a815dfabaacee898769a5fac69e36a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
f1d674685abe1008d5bdb73f13159e7e

SHA1
e8519d719d2eb9573f06575760ff9f63f2a091f9

SHA256
5a8ba194d5abc5fcfc4cb1d7282eb09f521bfa9feaa9877c5d4d65f70f884913

SHA512
ce2dfc09ebe45aa8b389e7209e77f3e3bad7b0161c82e3317aee0771e15ca771c4d9efef2fb59ad7952d107095b21a7d49519624909474eac424258d9e23c180

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
930b2fb49a95dfb717929c4547b9b735

SHA1
bdac60bafce49c9f57cd5ee88d8a2e3a1750753c

SHA256
a9f90ed1d309597e212b6cb3d72cc7a09388994e58d066ca00973666d228585a

SHA512
471a0524755b634c7ce71c0f4522521fcd4b39652c5ff21076dab6d0ffaa6e99b2b49f7530fa51070545b7322085ef8266db98eda12f9fc2035ea3871ce3b683

Download Submit