hxxps://worldboxgeeks[.]com/worldbox-mod-apk-2/#final-verdict

Resubmissions

20-09-2024 23:28

240920-3ggbdsvbjn 4

20-09-2024 23:25

240920-3ehfnstfph 4

Analysis

max time kernel
149s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
20-09-2024 23:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://worldboxgeeks.com/worldbox-mod-apk-2/#final-verdict

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133713483740316651"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2842058299-443432012-2465494467-1000\{46AD773B-B41F-4C4F-A0EF-3AFEC074EF73}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe
3928	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe
Token: SeShutdownPrivilege	5000	chrome.exe
Token: SeCreatePagefilePrivilege	5000	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe
5000	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5000 wrote to memory of 3388	5000	chrome.exe	78
PID 5000 wrote to memory of 3388	5000	chrome.exe	78
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 3284	5000	chrome.exe	79
PID 5000 wrote to memory of 1612	5000	chrome.exe	80
PID 5000 wrote to memory of 1612	5000	chrome.exe	80
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81
PID 5000 wrote to memory of 3376	5000	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://worldboxgeeks.com/worldbox-mod-apk-2/#final-verdict
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff81ca8cc40,0x7ff81ca8cc4c,0x7ff81ca8cc58
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1832,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1828 /prefetch:2
  2⤵
  PID:3284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2052 /prefetch:3
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2172,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2388 /prefetch:8
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4376,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4792 /prefetch:8
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4608,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4804,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:3276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4504,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5012 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5192,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5176 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4320,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4380 /prefetch:1
  2⤵
  PID:1324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5280,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5264,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=212,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5540 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5512,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4304 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5948,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5820,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5952 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5748,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5516,i,15120657564680986327,9734103240840881675,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4048 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3928

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4804

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1876

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
fe81003dffde6cb06772c24fc8d6dcb1

SHA1
9296b2d4d0d38397bd149a83f400889f88bf8a65

SHA256
4478077a7c7775f47ce380b3db6fc205a730508d8809b0e99e10db5199743f34

SHA512
93e0c4b6b5f3a0891a02959800e10f9066e4baadb9d1dc36b06ca47362291903f740aadc4f0b8bfe61c4ab1f3dd17948c1d9fcabbe17daec0f148350b97fa91f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
103KB

MD5
0928ab906d2dc22bf10ac0e57fe92fdc

SHA1
b8caa9c2e9c0f92b1b99de55e9c2553b3c51df8a

SHA256
dd0797df7f15f0375da42b7ff055939896cf434257212b9c75e87ddc86e66b60

SHA512
7b1302e3aa96feb58d2e23784c9cab8085a932b17c41f7b078eee00778a8c6aba449c55a34c6578fc7ab29432f2af4a48c20a7c4684de0d5769a82db0889997d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
138KB

MD5
0cd3e4e030afc02494cb70ee2f441bcd

SHA1
50e306b38c28b3ffdd22d36074973d4727351365

SHA256
41dc6193edd6ff4681366da09e8d60b95ac5751598d6f7938883c8c74c93e4c0

SHA512
6bb7418db5916d762558e7266c75ddf22038501e63c53176ce91cd7cddfc8cc69844885c311669086a29574de074bcbe1376a76270cc1a4282cdfa53ecef2dfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
67KB

MD5
22c04a443316a8f19693fe1cf72a57c7

SHA1
79ebd5427d791f4b85759c520dbb17eafaa089d8

SHA256
4bed01f2abeab6a751a08ee43d8499ffef3aa8a42c4c41b082fc4047968f10f9

SHA512
1acaa0bd5c5e56569f634fdbb39214b3217423f5935dea8d1abc408efa5cdd730d1ed4e02cddebb4590753cb852ff2be46793223429777960e83d378907efd1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
20KB

MD5
8aa3d963cc63b6df4e1e1815c36bc6b9

SHA1
e0a3027e20b6a1aa9692aaaae97ec672e2b7a466

SHA256
49e97ebfefeac34521b1b77161f5627915ae3d70b8a5ddf150e70ee22abbfd7e

SHA512
7a25e4c3a880a9a50105fd54056bc69ae12d9b1bd5079fa665684452a4815cf7d6ae6e2b1f75a05c85636c38c6ae3afc0b2f3c6ac8f31ed8c222c755ff814a0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
20KB

MD5
9661c577bc73011d8a5c6db1bc003b0e

SHA1
b1e08f242d408dfd66b48180d14b5b81f05b9c06

SHA256
c0e83bea51a6a24619632ec1a2dacc1e36d4f441fe01d0ba79571dcfa4f8e6d3

SHA512
2fb87d4bc5b10be5ecf173726f6dcc5531722879a046e7fd5328406b2c2395be4298e1bcd3b73ac0cd81b53bbd2b2d6d76e6c733ab79ba9865db3672f40bb25e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
53KB

MD5
adbe3ef8ba724f1da31c8f07ccf1bf9d

SHA1
f62c5558c09a5ae9af298a0908e587b4a140ab40

SHA256
0f5193f5c7d467f97ed582f95139ec5a0d6a383602da2ea42faff557cf9e35be

SHA512
699af6cf86c8a0910bc12c59ca43a35d66e5c3c9f8ed604948e9803154610089ce487b33088d08b645d524dc980f94b0812279f5280c7d60114bf452125bb34a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
16KB

MD5
f848b2723db84b91a2414015a5674ca8

SHA1
82b16f4c27d13617e7a6cc8b273f1c8226ff3842

SHA256
35260868f1234b691d118b6681411b28624b165c8a50f454255f967a666696e8

SHA512
20ed9b4eba9ca7aa522545b97e6a5b74dfde5698464740622f6ff99f17254161e50cab57bf7674184647315188abf5ff6da9aa628b26837432018193b5728afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
46KB

MD5
1e0cddc17c99f5c3ca32eb2f8c29731f

SHA1
2e8bba9be907909854b0bd8d63e1390a77ec7edf

SHA256
8e6d233b1f8e831d286513cb9058344300097eea7043e010748f9d17c41fb6c4

SHA512
9fc3f47589e33824b87a0f4128d9f12952bfd6df92006f6b6d385d93bf58eb2d050d64fb83e3ac344dc578982c78f1c22ebf9091a13c91120baebc87a4effc4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
28KB

MD5
897da9497471ea6c26874db76d17ba79

SHA1
9e2b88048f763c183d08ba4d82b9f5c97cf48a63

SHA256
7d3f674846ce805376cb16a318a355e3690d09d631e5a507253f062cb96eebeb

SHA512
c9f5432fda698584457dbfb5863ac3cbdea8da1fcb60696db2a461a7d83a55b117b7f1e23362b08faf98e1a707b14b9b8523f1dad57483ac99621a4ae927caff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

Filesize
212KB

MD5
08ec57068db9971e917b9046f90d0e49

SHA1
28b80d73a861f88735d89e301fa98f2ae502e94b

SHA256
7a68efe41e5d8408eed6e9d91a7b7b965a3062e4e28eeffeefb8cdba6391f4d1

SHA512
b154142173145122bc49ddd7f9530149100f6f3c5fd2f2e7503b13f7b160147b8b876344f6faae5e8616208c51311633df4c578802ac5d34c005bb154e9057cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0657bd1c894a7dcc_0

Filesize
297B

MD5
32fa62771d0f2370f806075b028e0b55

SHA1
49cd0baec76e2850eac4f6f08d89c28642b00fb6

SHA256
c508afe6d9426d22bacb0698f6e34c170acea00c9449ace3afffbba4f42c8986

SHA512
b889b2a2e3527ef45b293dedf2dc8339e46b62f04b53bf85c3712e424888142e461a6161797ee560f341f377b8ec305ebaebb0f0f119601cafbd665dc0e7540e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2ef9e2027010c6ba_0

Filesize
22KB

MD5
03a3dd63aa031e810f99214823b3d059

SHA1
882931eef45b8da71cc3ec3a43627b300c3fa1c1

SHA256
e7c61e5ef7648c427798f0b56b4b753e7c7441a5d246317d71232f10859e1b38

SHA512
17f86466b7c85ec5cefef584dd1971f3261168b8fa1b9b3ba643fd95ef128344f934801b208d0f5c986726fee06d207447125f4f41ccefbe3f85588996d8a084

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b624e2fb16e9cbbb_0

Filesize
55KB

MD5
e2ef163fb2167099ebcb168d5bfe0400

SHA1
c57260f0926025caaa8b69c4bb149220ef69d6f1

SHA256
3fa3eef5b2b388c46a827ba87b4b587bb052dfcd8abc1d783047b2bfa96d01b0

SHA512
a7798c07ef0a93ebf1d290204ae5db25d7270729a9e0836fe5aaec3109dc27b2932c29ac9a70835b55df658522f77643bbc424c5eec0d8b01075ddbb58cea629

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e7cecfaa98505e76_0

Filesize
301B

MD5
edde257d907399b4efa29c55157f58f1

SHA1
594f7e2892c93eba85a4222e73fb1ce333baba86

SHA256
28e11f5fa9e918186da4fbed233691505a0ebb3543515fbd765921f48bbf0a88

SHA512
0498db5b35909c8840b7005c168ea46be49d726e687d224b6e7080bc9d57dceca571806e70bb101fe2dbaaf1e3d8db4a1f2118d16631285d7dfa6dd8dbdcebe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
65b3569114f0558e949dd354cf9d0dbf

SHA1
fc5e02cc31c3178f71878d8a581226312db41532

SHA256
2154f0c8aacd04ba46501686489bc60d52ae0d00f4d3925d98e29632d78731f1

SHA512
d084728297a96d7e7d3c3a8348b821ca853823d7157dd127deb9a7f6ed7854e319b26e4c5e9c6c5897e3d55992b666c69065e56637ef4c441dffb57675f7e9d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9000f60b66fa2bb0e6b1805ba34fd3bb

SHA1
4143dc7ca6d3e390e125f102ed58bf89d9efa7ff

SHA256
1c05cd8fece422da508e6cda46b21abf6612e6719a12897b3250e4f0cb67a072

SHA512
f6da022aabf8a6ea0e2a6123f6b86efe1a480a38f6700d8e6abf933dcd7b8e7cb505ebccf267f31787106a15246d88047c39149689e3d6c824fc285673774128

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
f47d3d1e495bb514c1203d87d59b08ec

SHA1
2f06dce5679c6e65ee4b34cec1ee7df2a7ebad89

SHA256
04604e0bda5b039dba6e0bb5c441e09d45afb10e6ebbdbdd1fcb9ac982b16942

SHA512
ded8d25d86b0dec49a3c0852766a647803d7a9534734cacfc36d73c12732d11f82336254edf1b7b9c733cce253095293fa9fb8415c6c6609d0fd650ec5664949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
aa270a54e6989385e87cfd13aa48837c

SHA1
a636e78ecfb31faedc52dcae4dc294012e2860cf

SHA256
41164c167ea0e9506f4284dcb0191430efdae71114fc13b91a45b86761a1d242

SHA512
d1d9156503e8670e462d1acff8c10dc8e1c83b2f311f70ec6289fa79990dfd5d2b0481a05908437a93ecb68ae393863a61c9fa6b6c7a5ea14d59398100d5502d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
7a0118ca588b491197d14085046a36ff

SHA1
e5fc8cb856dda8f5a68469b3ca23b610f59faa90

SHA256
01090f2c854dd5a19be2399b0c690c1aa1c88580bd8a773f54ac58d35116a7a2

SHA512
23559e5b6388e8193ecd7914b3bfc8c9a8789a92c83b8ab3534b8cdc25e36680adc0dbfd55684eb0ae8f2866a7f614baf16e30ad57ba36f6dbfde5f77a1cb331

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cda45b9659d6f14ac98bfeee2990f666

SHA1
53a4ed203fa4f765c38c816d67a90b8aa1a054f1

SHA256
d4ed01fa7052b823ee8c200f6d1f46739cc542c51fca9ae83e55fca20c62df3d

SHA512
96d7acb58661b89f4e39d89e189f9bb02d27e1c32d953fb88c76fbe65cbac07afe8c64f8215bd0b8c12e65494678f884a4c3c32fd8eab42ca180840da3dc3803

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c4d0c1e3815232ca036343d6edfd689f

SHA1
9629cc7bd4b0a6b8fac374a388f9da2516018161

SHA256
17f12fd51444795b710ecaf4b5fb357e12f51ba450f615437c9b44ed671421ef

SHA512
76b665f6a443d44af545503920cf27b54a1e0c2b9b27f33ff74b6dc10b41eb4d3d1d4851b091995c691af98584dcc5fc395b20e8cb9db7c0a89322614e001075

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
46713220155bfd3c7139c35bf673175d

SHA1
3f848cd25b08476b868c5262b780cdf3eaf388a0

SHA256
178989d1e5717aeffc3c6c1320135273a9ef96f720ab4705e8a521108f8fcd50

SHA512
793e657e89092b18c6504d06909725f48dc23e3584c1c3364a4d64fabe0302101699c3f6672005d5dc85b70ed842232a5396e0fb45a64fdc98898916cea77a9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
53bdf09a3f1c63235033e82195a29afe

SHA1
78a3f05e4e211f57b7083ad9658b15d2ea50b67f

SHA256
f815fee5ef505b0cea462352ac893eb1830c776ab8513f04a8a1b034533bcdc9

SHA512
afe97e14957481723ca7568b19d84b1fdd88bf430b79b64d07973919e97e3448ca6367b95cff73fd6fbc5778370244b2e785c897e30d22a9364cfeac4957240d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5d49493b8300a95cb2655ed92f40326e

SHA1
856ee00f7e3522453e715865191859ca854f4fbd

SHA256
44c1b2949a8ee95cde400a2c3cd30c2498e33646b9b7bef5ebe1a7f12674f6f0

SHA512
09ec9921070589152a98e0d4cfb6783c0c33974cb5638fb518d1dafa822c5d505ef471711470be31dea4f80f49e4152705edea6427a41b5ab9c70ec2c5fc5503

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c38d5acc7654fc2c1ade53ddffb8cedf

SHA1
b8a568baaaeb7a5369840e7413dcf8e915f39022

SHA256
979000d83174d6b280a91fa22bad0606778d872c6b5d6528b33d240deeb46c9a

SHA512
7f59e0348418b732af98bd8a0f0a0c8f39e1ac5bb1baf59a4570768974c7e5f5c7ff7a47aca17fe4d5fe6bf2fade0b91c28e4db3af55e03ca940db7b6c9ff5d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cac5af664eabcbff32db2f288aca1ad4

SHA1
93275f49e65bb237b5bf778955aa3d27419544d8

SHA256
0c28d1fc0abc8b7dd0faaca235cc1c5e10e5d8cf685b3a1a115f5cf05551da6e

SHA512
2b1544d871cc9127ec0db45825d57f7eb2abcd1e737e36b6a1994fd342c57390503baadac43d8468fd069f09ad12cf03e7428b91fe6df627ed77841ca5bfb2b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7983ad5d18bcf56ea6a83d3cc8144fca

SHA1
9ef76c9d23eae0b9a2244ee85d51662a3282d98d

SHA256
eebc553b1bdec518f4a9e88675b37a054bd0cf89cddf330f63556e6b6e5b910a

SHA512
8c6cf64113c8b13dc25368a607bcb003ca5e1f233c4296592254083b4652c846c97568ca157bdb89658863205bc23b4f7b4b5f53c685520f4ff8063c9e6c6e25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7db49d370b49f84165113306fa013717

SHA1
279cb58e63f3bb45d9a0cc09a32fabea04e1167e

SHA256
1f8a930aeade2dbdd4227607e6069ab22e4db089cfec11948b4d7df32d6b4b08

SHA512
2fd30918c4ddcbb7442e1125911fa37d6482ad3629098d3e7eef0abcec023782e9e0a70c18a419903dab6cad980fe63d4986ce83c1f81438e4071cfaf9b2dec6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e48e11c8f9784d24729f8d8cc88f7784

SHA1
d45aed89f256e600c81f87dc143fe23a15f53baa

SHA256
058fa7323f65dbf23f052bf248338b9cedc4f818476288c740c5b6cb53d0735a

SHA512
bf1f52832b8969d4516f9ac2ec4191f4903480282f235cb0810d1aa974926f93d259019703d58352fea69b94887569286e719c41299cee3f3350954861fe01ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cf1fbd5b8e9c5adb2f69a08fb72903b1

SHA1
c7d0651bfde0c9f0b2dae9bb55fb69e95426c8a0

SHA256
364ac7d697c86ed44fe75600b0500ec2eeecc301325c4a20fb3eff0b9f450ff0

SHA512
bd70055e9c1cd06b30de5447930686e53534431254ebba4fdf106f7ae2193b6f7e5a76cdf7a9010f2cf913befed93f1ef9e5489c0881ef50bfcf50eb45cc953f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bbea5858c76bc2037d5e222125d4db9e

SHA1
62b763081a127dea0c84cd006473a474990d1f76

SHA256
b8d5a92c3989ddb7604d966625c04d9b4fe97957e085b8dcc8485c1b2411a939

SHA512
782552b12054e091efa04fc65af7235a7817a3fd7b689fd314215940ae32b534ae8ba816f9996c4f01f914e8c7a1a81e754bf456d33790410d6d0529e19c222d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
17ac60dced5efa57722213116a76d9de

SHA1
7a78adf3813df99561662430a4baf9a8e4618c8b

SHA256
b48627615310a3077ac8e7144d74c4848f670322ce4087ef037c1d816cb74b2f

SHA512
3dbd1f33aacd4fe1932f32e9cb9b9e7b473c23ff551f03a3e6e1ba189fd3b2aaddbd0d139ecc3910b3b53ccb2201662b458a55bb4db1503b35ca6eff254420e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d5736f43c1279e66990c70887c2fff92

SHA1
aaeb9e63cb9859f6eb6504a2b75efca790581a36

SHA256
26ccf7bf8ccfc5b12debb0215781ce2736dcf485b8950e2a1a0ef3e5f5c32fc8

SHA512
270fe63a0757cbc6e5d6d451a5195cdf2e2b7ddbeb947d542ae5f05930d65712bf6b41dfbdc24987db47054f7bd7bc271bf62dc22ab07f2ecf41375cbb53d1c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b8e388dce3bab4600a8b1b185189780d

SHA1
1bdc92b355a2a1dfa92b9f5648a7868cb0f616c1

SHA256
76854385515a78b756aff9abb4b9a3c1039647a6599a0fd93cf24e224019c81d

SHA512
be6e247fd3fbdf9048925830003f181d41665436277b59b73a5b6b2a995a411570d294843f057298b2660c31778d11316261788375c2a1d1dac1e0f7a299eec6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ef857bc937c1e58716bda893035df173

SHA1
420868c326be5236a7b962ddbffc6c4897180d36

SHA256
fadb4aaa8c9c0e70bcaea32dc2a92c93feefa7eb285795d6e6be863d38135316

SHA512
1e3056d887fbb3f9340effb892ebfed625a275cebacaafc0302ee99a1cf75c16dfda435a7fdcfc3449cad4ec08dc5b6b7ea73ab2b3a9dcd3ff31a594d7356f98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

Filesize
83B

MD5
edd29314630cc043a6a4dfc1342e8b22

SHA1
0af3c7d21d1f2f92322b26b8db995daad3abb168

SHA256
cbba91892247fe3b70d602b37db18b5253930fef5314844711f9614055e66cc5

SHA512
0d67468bb654a461bfff7cd048852d79d3c613f2835c744dcb4f46d00a71f7abec98b84b688aaed2027129539e7730944f74766f9d7661e46f41a9fbf5722c2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe589546.TMP

Filesize
147B

MD5
b5b5a0edaf80c804fe21b4c7271c33ab

SHA1
72e2f84be89b617bd23e3970fbdf4b3b360c1d10

SHA256
5d6647e120d7860a1a30fd8dc362055217b90ec2ccb8a4c7f950bfacad0ccc9c

SHA512
3fb4c18d7b7aa8ddd30abc43769a065d45582c1b32ca7fda05d2e408071d58603105972d6240e7088d490d69ada986ca742a2150c392e4cb843700c7fe01a29e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
8de47bb346ac1bb813e59e74597bec17

SHA1
3360cfa752923c33a6074238b1e9624aa521adba

SHA256
a1b9ac14f991663f717e69ba944adaa761f127c99c08f50918d31e53adbed737

SHA512
766fed9d306f93974243ead260454c94ccb5ca3d40753fef56d87f17c4a83eb33fa38e404a0227f486b6b7e8390e0bd0fc514284f481bc103f81e714f33d02f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
2f342593cebc0b733cdbe317ca3a9ba3

SHA1
be02701f8dbd9bd9029b1a383018b1c4013280b2

SHA256
cdfc01766fba62d5179e0e9343f962ca2a23d362dee09179ff4da71ca09911dc

SHA512
bd2c1eb93f38fcab6a7e813d95aa4a4e013cfb2db5113bebfaefe6532e7b963c07ad0ba1f623d908213a2e02b96d2de7e709b5a6f852d9a0007dfce26dc99c78

Download Submit