hxxps://g[.]page/kooikerzuigtechniek?share

Analysis

max time kernel
88s
max time network
88s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
19-09-2024 07:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://g.page/kooikerzuigtechniek?share

Score

6^/10

discovery

Malware Config

Signatures

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712031506411814"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1560	chrome.exe
1560	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe
Token: SeShutdownPrivilege	1560	chrome.exe
Token: SeCreatePagefilePrivilege	1560	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe
1560	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1560 wrote to memory of 2816	1560	chrome.exe	78
PID 1560 wrote to memory of 2816	1560	chrome.exe	78
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5760	1560	chrome.exe	79
PID 1560 wrote to memory of 5600	1560	chrome.exe	80
PID 1560 wrote to memory of 5600	1560	chrome.exe	80
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81
PID 1560 wrote to memory of 3140	1560	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://g.page/kooikerzuigtechniek?share
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9f45fcc40,0x7ff9f45fcc4c,0x7ff9f45fcc58
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1772,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1768 /prefetch:2
  2⤵
  PID:5760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2092,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  PID:5600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2416 /prefetch:8
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3100,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4456,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4448 /prefetch:1
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3432,i,7740275035194042813,78779836676741109,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4664 /prefetch:8
  2⤵
  PID:584

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:388

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1088

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
2303e2146aec2a1050190c40f2194958

SHA1
5b9581840411aac9b3611bcb78a8492ca7ede457

SHA256
96f602e2e221ba2c7f76f25b57a8164655108fe97ad667efe8c7869d4007f13a

SHA512
9b97eeb466f4aaa1cbe7cd1f3a3166b720d6db5b43aef685184f3d19dc02f1ffb9eb7e725214e857f2415e5ef7b1dfa50fa8ac73fd66fcc64abf9f4c25df96c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
c0a0a333104b9627098b197da7c41a63

SHA1
d305e62c88dc792f362ed15767d171edc43ec32e

SHA256
7befd61c5d862113a4e2d53d99ebf8cf02d746d18596291340cadda282e46dbf

SHA512
92a6229455d044eb687e44a6972c3392c9a2ec187a269a707c3d505dce1d8960c812c2d834121076cb4efa23d638ad031e26d3638778cc1fc714fbf8a339ffab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
4f956f78c91467d35c5b9c950fb87df4

SHA1
d891f38c334a9381fd280135a73cdd45f4111ac8

SHA256
25add29db70d11d871b0dd8859a3f6e60e954ff2bbe5d4945193eaf1307c24e7

SHA512
5085841aa6c72d8737f8300686cf3416c8511ad040f3701cf0a9c0196d23010e2b6127c4e5cf1a59f1c2c5074bf0c47fa15afafaf3ab479eecfde61b14222622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
98fc4b3d60f9f14e61cdb66814e09145

SHA1
ce0a76d9d3ef530cac9ca54e4de0477e6f85ff70

SHA256
63257a2abfec0d3215744077dc14cbfb0939446eaa66f6b4d0b5f115743380a9

SHA512
9a8cd209144013075a676a8bbcefe2cafd2f592fe58b109598a8413b5f0098a7dc32b9640b5733fd3c5af9b434d765a51e3b4851d1f74d89d556282d523eb854

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
d7f8ccac5e5f55509b74ea87f0575aab

SHA1
50811feaee1ef1a747a11311497dc069b6c8daad

SHA256
911e44e917aa1b27ca4beabd1a5b49ceaba4be58a48c4dadd2bfeb86045d8224

SHA512
071312f150f8f8f8be27f7289713c2dc2b43d960c9e8a430d8c716cd1a6ab1145972dbf1580c2b9252044370751c6f83f3e9c82ed078c01c674a8ac81dddf693

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fdc27889832ca4f9f2cf2e1fddad342f

SHA1
b24fb7036bfd436f1625640ee1f51dc910d68339

SHA256
cf4e895eabd430655a41bcfa381b9f542a05d72f83ff9f98b5498dc77eaf5bba

SHA512
19182e1699a790fc5cc235150ff58e3480b19d13fee841ca20f7bc67c63fc9b76e78600159440be67fe5014d036cb0d8662b402d8776b8a0e694d26a02854c7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4625108f642e5369dc455a5718551c88

SHA1
9012630dd7cca781fc16c39cf0be3856d130ea71

SHA256
70fe36fdfa35000995dd2ce75ac23fe3b3132adc91e02b32c658792c5639f704

SHA512
bc5bbc05b93c61ee84ffa75eae483b13db49b44ea7acf1464ad2cdf9b9178883fedeba05171bae3530a5527b69fb656c4e30fd0c6252554137654d30cb5029fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
69e33fda339b60b199bfc4f07ec59931

SHA1
3e0b20d3169c711e011ad94995321cadf6754028

SHA256
14767345f3e3a09af97af4629ae0c38175f8f55fb5d30caf72acb7bc829bca62

SHA512
ca8a66abbc1fc1a8a5d51550113e0b5278e399c903fe66bdf7b07f3871c4e3cc27a6c25103a454d4bc9f049d1b6d835f1ae8df55a7159f009b9ce6667bb2a2b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f17b8cb30a0ab35fe263ca981189e8f1

SHA1
3c67eee2a087bd0ab463def7af7a3b8156bb7b62

SHA256
87194054360c68490014fbf569cd1fe667531cc175ff67f80c4cff747a08ab0f

SHA512
f7fe3df7b71b232fbd1ddf16f3c2a7d87430e93c38368614a0065a0f1700b033b63b6d492c2715636145c22361876d823862a602bad59f6a8192dcacff99d3f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bec4cc3bee40390ed25fa40c5f343c91

SHA1
7e75f749840c40bdedb8d02b4d11c46c50451a3b

SHA256
d5b5402682ddb07599452ef57a8fdd79459ec223d1a2ecec3488de2cfa9f8780

SHA512
2a7ec8560ec374af5cad8b87954e7311ba2b853cbe57a3c5399ced6ac4d5fcc97c2e2bc66301c31a962b84be9dff13701996a918112e4bc2504e457f2a44d131

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5856394d4ca010fd0d8159574c2f6878

SHA1
ab06e5b582453864d01b91f02a7e34e24fb91cb5

SHA256
64212a7b4b8d1c717eb598e64093f62c31a94b08a9890affa319e038671b4b79

SHA512
04a882758ee6ee513cbf995520dc4532371a86edba1b10eebe1bf33ce5e3e2edd6d36d670b64c892e2df68e4cde5254f2c4f8a18c79b959cdbadef12a14dfa21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\488fd240-73fe-4a94-9c05-67f4da4160f6\index-dir\the-real-index

Filesize
72B

MD5
e968044c93b0f821d69740f3757363d0

SHA1
2d9ed4320c019389032b87511a35e814b353517f

SHA256
0c3750ad0bcadaf142e1892a8a9b739fac12133930a03235c1859afc6be537df

SHA512
687fef30b871241ae632dd34323e1e01086acbed4ab81f11dfbdf2aa96d77b49e2c63309047fbcb810044716639700fd3865fd70d02e8212a33b991da2dffa9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\488fd240-73fe-4a94-9c05-67f4da4160f6\index-dir\the-real-index~RFe58405f.TMP

Filesize
48B

MD5
c61e09e198cd36df27e02e2e2936a056

SHA1
df4479ce2667346c532d4d388094cb76e2692ae4

SHA256
5eb81af34c2c795026b67097f922361837bd2dfe297bee8e5c8f5258a565b3f2

SHA512
6a47a9978307d0700082467d406d958d9e5c2e83a784ce54adbb7e392c0f467a1e577cc91dffbc693b4cbb34d6b99cbdfeade10aa0c28265e76e6f7db5d1705f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt

Filesize
113B

MD5
297cbfa21f2e9eb435df29fdb0932062

SHA1
ce325133192466993fcc48e33d6ad27345cf6f38

SHA256
3ad8e366e3272c16f14f3d9cfc31e9668bb4b932529e58b137cd1aab95ace78c

SHA512
1b96e19c9b82531addf45e08664c06ed9ea10d8511801631cf55a099b7758aedb76a5297b1fc7120021e7979a07400dd2c338e0d209d2016ff4d431cee83513d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28da9c56fde4021055a681112c092453f74d8dd8\index.txt~RFe58408e.TMP

Filesize
119B

MD5
b0dcdf70a4a1e415aef24ddf17677c2e

SHA1
cdfb614e100e88a795bed7f250581a9edbcddbc5

SHA256
ed92fd15e9de393fcea9cd7913ad3bbab1789b87b0d665f9f6c1fadcc8fad3c0

SHA512
b27c216a54cb48e0475fe895065c46b9ab1004f6fe8d94ac546d1a07e0b8dfae7f621b8f87b2afa5618f200b15013b96ce6e8027c851ad95d67c30aaf8c00650

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

Filesize
120B

MD5
485b7a35eb714b7e47fd77cd5b7a61ac

SHA1
7396f94196e2a2ea582b063e4204ca85bf630131

SHA256
77cd353f35ec38f12dc15f132ebd8b4fb1376642c1f28dbcca9335e5239207a2

SHA512
93c5967981014c940a7c86dcf252c6fb24f3edbe613311f4fac293dcf2273610b5cd411f8903ab34c134247bd63d0e056936af4ea2350d7c286acb21c9311ef7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
f4faf258c5c297b28ab7e5a3842330e6

SHA1
b65398819100a178a45e2e724ce282290f513eb8

SHA256
ac4d49972d74ca6b1c8fbeddab0f75917f2a773bf975d30c74f2fed86e45aec3

SHA512
f6346b4381bfabd639b2723b15eda7210eef780a9b834833edcb07ca3bd9418e14680b3c026bb1858850b287f718d3a5a5bab71b8730af6b640640a255cc3afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
eaf0a8dc08330d6500d3c05fc20fb34f

SHA1
fdbf4f8dcb428e12905afcd886d71ff56b85d4f2

SHA256
eab2e2ab406f689796aa34747ef0b12326d88234a9edcf7a32ee14100cb12cab

SHA512
db5afc191645cbb7fe470f8ea3e6b05c496f7399b50615251ccceaa41d4b24efb95fee954f34257d9fa77eb22f22b982e6f7358abc2a172f920eedaaa93ba16b

Download Submit