hxxps://github[.]com/jokeri2222/KaHack/blob/main/KaHack![.]user[.]js

Analysis

max time kernel
218s
max time network
213s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
19/09/2024, 10:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/jokeri2222/KaHack/blob/main/KaHack!.user.js

Score

6^/10

discovery

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
41	raw.githubusercontent.com
60	raw.githubusercontent.com

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712165829915572"	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
1436	chrome.exe
1436	chrome.exe
1436	chrome.exe
1436	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe
Token: SeShutdownPrivilege	4824	chrome.exe
Token: SeCreatePagefilePrivilege	4824	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe
4824	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4824 wrote to memory of 3748	4824	chrome.exe	79
PID 4824 wrote to memory of 3748	4824	chrome.exe	79
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 1672	4824	chrome.exe	81
PID 4824 wrote to memory of 2648	4824	chrome.exe	82
PID 4824 wrote to memory of 2648	4824	chrome.exe	82
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83
PID 4824 wrote to memory of 3076	4824	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/jokeri2222/KaHack/blob/main/KaHack!.user.js
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff9f7b4cc40,0x7ff9f7b4cc4c,0x7ff9f7b4cc58
  2⤵
  PID:3748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1816,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1812 /prefetch:2
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2080,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1388 /prefetch:3
  2⤵
  PID:2648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2368 /prefetch:8
  2⤵
  PID:3076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4292,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:8
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4704,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4908,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:4444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5128,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4716,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5060 /prefetch:8
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3300,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4920 /prefetch:8
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3264,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3256 /prefetch:8
  2⤵
  PID:2340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3256,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5348,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5400,i,17291904738289931130,10966857402059998984,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5324 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1436

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1932

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4792

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C4 0x00000000000004EC
1⤵
PID:3200

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2a10ed9c-0e57-4acd-89b4-1016d7177089.tmp

Filesize
13KB

MD5
9baa93089483f16cd5ea52f0b5d2eaa3

SHA1
1c51acae68b0c1a074523e4733ecace98812a49d

SHA256
67cbf384e3c8eb92bfce61f431cdfebdd32adea3df9040ab3b582d92f45627ef

SHA512
ea3e5a55f0e7409d28fc12b182a02b2f30aff2dad2db77ae49c33e672e535cb9a2a8fa9ae2ca45701dc38bdfa0eb712ca741d60f2562a5502b518c0e8f3724ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d121b1a70dc2d2578248d378ac391adb

SHA1
1862ac813cf2c6f06db3fe7f05d87312d36c5165

SHA256
ea8ca6549fd8b23924ad114ba25301e26661103a4dbc3b052fcf2f5750a2875e

SHA512
05e1f9ea0764a6067f8e396f63582cbbe92ce08ce826346bccba1356a422671b8ab0a77cf38aab15d7c01ed29f8a6f45c81ac6d72ec7ff06e79503fac8ccbc04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d4af3c93de4c8791ee73db588dc716e2

SHA1
e16d62f2acd0e9483d1074f03a1d225e5d403f87

SHA256
033fa7f1f75e9a292ce9803afffbe47b34a3bc4584ee3b10de1aed76c707e70b

SHA512
2707fec500892a32003ef8ed5d1f9fa1eb442764c7ce4f168fd9f9bffd55c0e00b896fea2f7e59a8ebfb5c12b63581c44411f365342973b4b7360750617c77ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
4357afc4daf5390b30b6569692eb380f

SHA1
89c55a5a5816269450344c84305cb4fac53c794f

SHA256
1e53736655ca7ff1fb48774acc65f5040aadb76de2f0ed073d5a3b57285c5dfa

SHA512
996c1053976487ec5ca2f5eab199ca611f850f2a03ba09da40cda901a70dd19cfc43095f66383e701a4c69e3e44ccd57b769d92d0fc1ad2a90c52ed6d696ee1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f925311b716a31e2db0e99334569ea5f

SHA1
ce5292e5ac506a3674168d1e6b5d7e9accc3a19a

SHA256
5761de077a83604407e7dafa7ee59cb0c256cb81f8a472f6b5b17eee3d364316

SHA512
71a510c7fbab55b74a9c186ba1e7960724574369975439bc0736419d595891ff4c55521a3653ff62c1ab0fda1dba2d559e09f18c047e644832058ae5e0a1a50b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5b16f9f00b6fcfc95194449e679caa8d

SHA1
778cfcf649d567a11d27987a35e69cb6e009f97c

SHA256
413806a78499a5815bebccbbcc8394418a9d65d14ff3352125b9627ca7d8345f

SHA512
411fcf4dc4ae100cba56e66074e82af8ad7fbe17f187918d401d7c0c14748a2d276d4db6fef38989d28298ece769b62569ebb810d518192ecdcb716f5e85c1d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
81898ea7c0ddbde31164e2b478a4de50

SHA1
e0457c058761be25b2a86b37f4da42add005dbae

SHA256
db54a0c542c79d7419b82ba921a0e45fff217bf0074375243cdfbe7ab20c3e9c

SHA512
d80154d2ad4b91923a370d69d2069e532e2ec10c867b76bf26f82a0af89af83eb77e77a35357cf9a3ce17918192827b3008056dc1f5e967c16b6c6289e0e15fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
466f60b49c261ce50e0e8d4a25eaf226

SHA1
135296f2f2e4e05bad4c248beeca22837a20336d

SHA256
2b8924f3afbb5f0d08a09d86f6f1031d1afa81d804cc65d531b669148df57f50

SHA512
ca59f7ef3e5c1deaa7fbe65545a7b65976226b8dc9e4bcd5aaf1c343b4d4ae7c3b26f8c2c637448a9ed1b3fb2af3ee319e5340c76f0568ba40866214c88c0835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
f64ccd8e4cf4cc02fe065a0715329327

SHA1
3e806104edd2df29910223c19c4b2fea0eb0797b

SHA256
9ad09f1596fd22c5678bb7aae84cdbb381ed244d3751335bf2e1463cb93201b8

SHA512
7fc439d15de1bfe0e416c755f8af483ccf30b28f36699d3bee195a6fef6c447645e14426fdeda4bf578a493ea2f1f62d243b02fda05b3b8908d282e94c60ef73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0e8e1bf04f6f8304a179030691d4d282

SHA1
784b3c0d17caf3f8f08fad558d7bb8a026256948

SHA256
a6deb96f4af5768adbf1962ef49a22a3fb88b01771e14196bf5863677681a966

SHA512
b3fe62934cee04579f3b70f0d80c29437360cf5b4fc601af207850cc722a7e938188b00629d5b1e3894efbfe8aaa274c9bc4ff38a9f6d182bd9a04528f0dd6b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
82b6a5a68a5dc80b94f88cad45ef0afd

SHA1
bf287fea4d8f0500eba6058120b4bf4130fb4517

SHA256
d22f78bc1b50cbd5adc0632ee0306efb10c39ddca150df96cf34c19361095d23

SHA512
11adbef12bacfcd7d211b62813210bbfeac38ac8e7eb57245e390ce3f312ba78f9cbaba399e740e62e3865d7b68af7dbc17e56988faa5c6b47c3788c32977dce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f98afb3ccd2026bc2e4cc0d037071bac

SHA1
c633f5d3fce5945ceb37bc4836c94e53f91891d6

SHA256
b0670c47d9370169ea6c2a6c1ad59541252c093c0eb8c82c6d9f19a852815d0a

SHA512
0584f5300b2ca47be12326008ae6a40cc1a76c61baafae0054f3c9b917a4eac63fd23876b8fc4966ce14bfa3b29ef98b3350b5b848c6c32139f7ef0960c627a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ac64b278d627f00844ac32493db6d3e6

SHA1
1738032d747740ff513674e95accb039b088258d

SHA256
fbccda25878378b1331574a96273df1cfcef382af16c9dd2b69c9536262df0f2

SHA512
6fe222eddd89a6cdff862999ad392b9425bcdbf0e5f95dd82d6ed172cfd93e26fd377df9b3ab35026f9da1480cc4a88292e0b8d7de278266fcc29529eab9446c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
b5e5361679972d3b719b74a89fe5e000

SHA1
63d3ca37f3df447230ad55644da5dbf382b8287c

SHA256
cb06d12881410fe0407955456dc7b84e4e61f39065275e61ada4bfd0c8e1f8ac

SHA512
de2ddbd8c6c20a03c247138ba8e0ed849ca298cec50021ec5fb9202cc6b88cea5380975a9b1c82dc20e59c9096e32b7c3d0fa8c0dac0e490f4d7a395e0475f88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
557a0f620ddc582962271b79603e1994

SHA1
566b40039d9a3db6c0a295c1abf77a8a5a48d094

SHA256
b07e33109536726e8085d38732e55ff7fc163e138133fa9c51feb003e2757112

SHA512
d11d9a6629c35cf2e71f7f721dbc485f497ac47df5500cb8ebbc0c52311a0878d3d6400ba1fad4e25d840093a28e81ea0c898cd202d949b80d7be0dc97b8c300

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
bd86db90c7186120ea081da98d08d7a1

SHA1
760205c5b0ca328d2cf9fc7baef777ae0e881fe6

SHA256
5a7ba35d19b8f1f8f2f4d5f788ddb42a3ea68b221fae931ad4cdd44eb2adf88c

SHA512
a6ceb95d0b95492ad9b44fb607ce17e49c3f65f2c24d2e9f01f4d4165b63acd850f3344820c00bf6ef0a02ecb7123f2347f1d1c915da7abee4c71bfd2300fa1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
893c7f4db2cc81d4a9d6e1fd2a4f13d1

SHA1
b1ad355e08f018c6986a2e61e77b21476c3f00ae

SHA256
85f898362e2066b245543c3ad89ed1d20953544bf0cb95823424107ab256f24d

SHA512
b61f9e72c82bcc38757046f4ff82c8cd56758829d93916d4f65cf858273da837e185694a0f7290c979a5bc97a24f6a93d0c7ae2f27f48b2270732d97e86076d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
677da85f8122c2c55a839f331a1c95e4

SHA1
a9b8a7ca5dd058cd0198b0c2cf0df2e0c07cb51f

SHA256
8218b1373040fd6317f028baa1741debb388fc600b803c40523a1f374fa4ea27

SHA512
0c83615d47b1f22fecbe2ec2b1e332fc80aa0a3c05eca7ffb527109846440c3fc086706f7b74ae91c3722317e3fb89194702639a0c75dfed0906cc433aa5a834

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
101KB

MD5
0141d99677d1e0b163aa4309a6cecc67

SHA1
af8e1760596dbf845dcb6cd0b65ef5f11926a677

SHA256
12988f881ded40cc7de23fcf3c6ad86a5ef3f5dd4539b8f11c2b519a50222562

SHA512
3df47556756ba105c3c6796a25182bccb145a5fc5cdd7356b59344e1fc28deeaba6e4b3bb9adf99518f6f692319447bbdc287a87a2bf618a85fcce69c3675f10

Download Submit