hxxps://scareberezk[.]itch[.]io/sad-satan

Resubmissions

27/09/2024, 23:27

240927-3fndbavflr 4

Analysis

max time kernel
114s
max time network
113s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
27/09/2024, 23:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://scareberezk.itch.io/sad-satan

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133719532640045465"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe
Token: SeShutdownPrivilege	2544	chrome.exe
Token: SeCreatePagefilePrivilege	2544	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe
2544	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2544 wrote to memory of 564	2544	chrome.exe	78
PID 2544 wrote to memory of 564	2544	chrome.exe	78
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 4656	2544	chrome.exe	79
PID 2544 wrote to memory of 3508	2544	chrome.exe	80
PID 2544 wrote to memory of 3508	2544	chrome.exe	80
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81
PID 2544 wrote to memory of 2324	2544	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://scareberezk.itch.io/sad-satan
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff909d6cc40,0x7ff909d6cc4c,0x7ff909d6cc58
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1716,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1712 /prefetch:2
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2004,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2360 /prefetch:8
  2⤵
  PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4356,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4564 /prefetch:8
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4684,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4748 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4900,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4892,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5176,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5168 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5304,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4876,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5420 /prefetch:1
  2⤵
  PID:2188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4956,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3116 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5280,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5040,i,12321308941588171218,233774045245588770,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:3012

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3484

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3864

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
6bf114da80f732b47f83565102f75552

SHA1
117200061be7dcacfaa9d3c837bbb07e4f128533

SHA256
5b143e786ab5fda9c9d64446cf611b95f5ae9789146548828a16b9c21089fcec

SHA512
3ed9132c10a4256bf010d82e4a972b0d46760d0764b821e71ea63bda58eed9b2414ee82aead21f75633991f6be98bfeae4639d02d82f37b5bb97e67479defad2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
739162eac96cfe247f4a2fef9fe74e19

SHA1
ea465110b158e79eb409dd7e5bba99c9f5e068e6

SHA256
84c8fda8931659f0d87b932f0f49bdbb8fdddd805ec4650893edc21bfc19ca31

SHA512
12b3a5e5f83e15ad61cf319cb9ad6bda733759552eb31129ff9d8f42190d84d35c8a793f147b6866b55e7c31ca72107df0eadca5aaac23e3717ac3450df67c04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
01787f3f073cd9e765ae33564512082a

SHA1
adc61d8d899819270866906dca2788e665d50b89

SHA256
466956415e4d23b3381f6b478f2ef7ea80d3d3d0739031db9e752a3d309bf022

SHA512
f8f285519c454e3a58d22d647e68e455973f7686beac72992eb11c143c61c321ba8e727c79c7eb4fbcdeca01740344db1c48fc3c7a2b9ac154e72fd6086e09c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a1f178616e376f9aac1321caab0d114a

SHA1
ed029676d896ceb36389919669b883f3ef7c6580

SHA256
a626da304e5358a0a13850f1699cef3d99f8fa4e79f932180d9e0f4e445696c7

SHA512
56bf2efdc4b927177e764a11a9092358d25e8d466a5095f78d1b5502b8b21cfdaa378f2b5b7c4d835c4b9052e9aac0c9da812d3648a695097bdfbcf3c1824aed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
cc6745f04b9d14144c364371c97c74d8

SHA1
19984743ddf42b7569790b758e2b26be1a0566a1

SHA256
dfe29a7064da4f5a45f376663157af899e26773ffef6bcfb7ce8942d4bc6c8d5

SHA512
0240dc7ebb30e215371a87ac2096bace4eec1dbd1408a9a25fec9628400c38b1af06b120c632f9fdf4f84105c274b7fe1ec58c7c577e60d54c6540f459b1c9bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
5f40704ecf23191736a1e0cc3f99c897

SHA1
b399084521ca49357857a87abede21930395509d

SHA256
ef68bf0654e0da79106736e995383e888db42fb5bab3f4142be1a4fb99be9b76

SHA512
f87e393912b51bb990310832c9b0fed33e127d1c0f6eaed18901eeae7340fc4b74dbe1e3d1046748efa571cbf014390d963b9ead85bcbdc94c24da653266c92e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
97819abdcec2d179bfbbdae3f1d59fa7

SHA1
85604a9a41423221f895d34bc31740768c7293f8

SHA256
a28ce1dc735424ed13eb9d55c159a5c78d0d9f246a2d727ea460450870ce6657

SHA512
ee1118149c8c3104ee618374701d5240dbe41e817194ca94bb7e468277a31c2b61e85073754a7f2d42a94fe801264f7df8bdcd12e064c6ada581aa5fdca1b369

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
226c67bc8a1761871dcef82e8a5f040c

SHA1
e2f64146428660b88debd1c962cb03c8e673a9d6

SHA256
e9f899ebcf390eae70ed595259afb779999eda5e37f65a936106c1208b97d9c8

SHA512
623c608997fcbf5fc6bf361d27e482424b40b315c5364837266b3de6ba6c77623702efd3dd0cba8f4d340c4ae993ff469aa24ce1d132f08d6beec6a165ecfaf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
384b82f1659e7fb94d3503a40655a607

SHA1
eefd98c3d454394051bccad785602865dce4d052

SHA256
676b933938def0fd7da04d431e15dd0752e53cd8e79aa6276e1b68fb4043bd84

SHA512
3b5360d069a67c6ff9cbce768b3b370de43e82441c921c1a1ec96a8eca9d8ffc7ad25a22a9bd1774318c077eec8aac837f77fb058454eeae0367f28c4013d622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
87644959e5ceb25f42ab6684ec07c1c9

SHA1
eb9ce9dcbf3db28a97a8f0fc1f47448852ba6306

SHA256
23249fb99a6b38eff23b0af2113be7d47e3b93a4daeb49a646b5bb7d451d3c31

SHA512
eacec7b5f04e316347c1b11e4a63046405c7ff3ed5e92b867ff0c711ef24cb3b1b2f4a822396a199f7a16fdfb61dde81c7637dfb254d7e702f133c913dfca24a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e1275c4de8b6491abf5dd08428b8650f

SHA1
dd22ec835f306073ccb5376e0d2b417de221d5b9

SHA256
99e5c87fbedbfce014c844ef68a2bffa1c10a0096032d96ad405d6d376a8f345

SHA512
51da941872088daec3a0188fde3de5768c605e30d1090273a969fe7ed4b0811c50f81a28cd1e39ecd6e94d252908794b0e699ba8b92df4e81358050627ddd625

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9160e37bd3ac2c24fec2177e65726de0

SHA1
b6a40e56e393c7ade8e389f1bed7685da91600f4

SHA256
090de809f2333a62f79c30b0fb14fde02bb5b68c22b20b6041bf9cf2d3e8dad7

SHA512
7f47ea61b63872f5ec398e35db804c6ea645a6bf530a638968fa4f2f0ff28ebc0e147c1f3c8014d43c829541af4ea9a5165fb457e8608a79826608895095c29b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6bcd82fdd7bb758dd9bcdea6d99a9850

SHA1
0335a46357f5195edad4543c61760bc2cd7f8c36

SHA256
2e33dffa7e4386575d2695864f814e7e3afe7e124e692f4a2aaf20ed5587d5d4

SHA512
cbe16af5027938ada4739b77b43cdd4e1cc13f93be1f71fa2599ca37faa60f98d95fc0b07adf7b2bdfbdb6950a15383dc7d121d1200e6e8a9cc653648bbae3f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
f7e194716bdcdb38bb51c75c6dff86fe

SHA1
7ec658c93194cac32aee359b2902f421ce04ad77

SHA256
397b62634d9f79a28ee8ca25c64f25c7a93a5530ccaab575d3068c61e19aaf57

SHA512
865e1e51d7c59f7fe30cba03d12064ea0392cded815f6fa6e5ad9ffc27cd43e4545641455965363c1147296cdca9bdb6139585fb73b70adf4b03d739c9122806

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
4c19016531ac7d2346bcb2c24057a678

SHA1
d414fa4b092c0ef115c7744f390051a4b1b2c9c3

SHA256
f571df7c12fa35310f53ebdbdc3625fa94343073d16f20421805956737f49867

SHA512
f422ccd96471f6d240cb5f38d8f5e20ca9b9b8f4592349e5bde08d99dd1b411609e28db6abfa2aef88548335feb1e971185080af1b9b7fde1962c1f3da89b135

Download Submit