Analysis Overview
Threat Level: Known bad
The file https://nnp.s3.fr-par.scw.cloud/nn.html?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=SCWVFW44R03VR0XR1KGB%2F20240918%2Ffr-par%2Fs3%2Faws4_request&X-Amz-Date=20240918T130706Z&X-Amz-Expires=553974&X-Amz-Signature=3e9b851f66e14ba2f1c6adcd60e9cb6503478ff78fcd3afc671aa4d21b6513d3&X-Amz-SignedHeaders=host&x-id=GetObject#[email protected] was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Drops file in Windows directory
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-09-19 11:29
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Analysis: behavioral1
Detonation Overview
Submitted
2024-09-19 11:29
Reported
2024-09-19 11:31
Platform
win11-20240802-en
Max time kernel
76s
Max time network
77s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133712189925460288" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://nnp.s3.fr-par.scw.cloud/nn.html?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=SCWVFW44R03VR0XR1KGB%2F20240918%2Ffr-par%2Fs3%2Faws4_request&X-Amz-Date=20240918T130706Z&X-Amz-Expires=553974&X-Amz-Signature=3e9b851f66e14ba2f1c6adcd60e9cb6503478ff78fcd3afc671aa4d21b6513d3&X-Amz-SignedHeaders=host&x-id=GetObject#[email protected]
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe42c6cc40,0x7ffe42c6cc4c,0x7ffe42c6cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1700 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2104,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2108 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2188,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2152 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3056,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4324,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3520 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4560,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4724 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4328,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4364 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4916,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4720 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3324,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3244 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3312,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5060,i,5913032031678713535,17292694514814498453,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5016 /prefetch:1
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity