8898e6b0e204a9158948415af152a31c8762a154d727c2f5161ba12f63c7e04d

Analysis

max time kernel
149s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
27/09/2024, 12:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

file.exe
Size

1.1MB
MD5

b17a609b59017a1d0ca28b520d2e683b
SHA1

4d1acad5b18ea4fae06ee8ac12893916d616f987
SHA256

8898e6b0e204a9158948415af152a31c8762a154d727c2f5161ba12f63c7e04d
SHA512

a37ddfd2ea8fdd0a85290ebefdb1bfbbbe32ea54a7060e581276af495f1787a4c7ddd804171920de4b17c5a7e5fb45f1d4b8aa746e200bdae36d13ad98655ac7
SSDEEP

24576:XqDEvCTbMWu7rQYlBQcBiT6rprG8ars2+b+HdiJUK:XTvC/MTQYxsWR7ars2+b+HoJU

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-355097885-2402257403-2971294179-1000\Control Panel\International\Geo\Nation	file.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	file.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133719127328510611"	chrome.exe

Suspicious behavior: EnumeratesProcesses 7 IoCs

pid	Process
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
5052	chrome.exe
5052	chrome.exe
5052	chrome.exe
5052	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5048	file.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2104	chrome.exe
2104	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe
Token: SeShutdownPrivilege	2104	chrome.exe
Token: SeCreatePagefilePrivilege	2104	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
5048	file.exe
5048	file.exe
5048	file.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
5048	file.exe
5048	file.exe
5048	file.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
2104	chrome.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe
5048	file.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5048 wrote to memory of 2104	5048	file.exe	83
PID 5048 wrote to memory of 2104	5048	file.exe	83
PID 2104 wrote to memory of 868	2104	chrome.exe	85
PID 2104 wrote to memory of 868	2104	chrome.exe	85
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 4392	2104	chrome.exe	86
PID 2104 wrote to memory of 3936	2104	chrome.exe	87
PID 2104 wrote to memory of 3936	2104	chrome.exe	87
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88
PID 2104 wrote to memory of 3548	2104	chrome.exe	88

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
- Checks computer location settings
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
  2⤵
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:2104
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa6793cc40,0x7ffa6793cc4c,0x7ffa6793cc58
    3⤵
    PID:868
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1904 /prefetch:2
    3⤵
    PID:4392
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2156,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2168 /prefetch:3
    3⤵
    PID:3936
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2280 /prefetch:8
    3⤵
    PID:3548
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3132 /prefetch:1
    3⤵
    PID:404
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3296 /prefetch:1
    3⤵
    PID:3112
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4560,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4572 /prefetch:8
    3⤵
    PID:2864
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4788,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4800 /prefetch:8
    3⤵
    PID:1416
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=208,i,5334102442173187556,13075964692209000450,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4348 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5052

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1608

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
17ca9f2769d2c4cb014fed39dceab6c1

SHA1
e8c77c0ebf7c920dd6c9937386b39bed551a6ed6

SHA256
4fb4e0b6e799c9fdc6688935e229bdfdfb1c8a0a4b941a66dab70ecf1f160478

SHA512
0cfab10461ed91927703ba76ee5e91817bcd8e04418774c0800b3ad617a8f0d0b66fac514257493fbe07074b255926c307997319e9ffe347f463ac6a229c401e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
5cb795858e0982fa5ec2c2605127e60b

SHA1
ab9eea0e5e825bf81284782046b84afbe7ac1431

SHA256
641509af58dc2cfb51a37714b58453069374cb80cffaea3442a66bbf79003601

SHA512
b4a29ecc3cf4f2cbc854752ec6a20d1e19b56801b4f86c22780f3c6378c2e18decb281fd4614f42d6159f590074711c74422692b62980b2add45732017c12778

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
64a06990763bddd3d88f125df276ef55

SHA1
fd02d3b2a7ec04716cb0050a2db31a2edc0312ee

SHA256
64ac397675905445ef74175a66e98079563674c4feab18aa8e065c2954505594

SHA512
545b11b39691ad05f7eaeb33f0e9019de805b14697f86a2faba1db12dc3eb5b52d305ee1f8328e850bc7d7720d2459c04e726ae71ff4e3f18765ca085abfc4d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
368d1d40667d55003d1b6ad77891f6c7

SHA1
2b2030be64fe8af7fab687bdaa7789010d3c7e12

SHA256
aecc91b55fdd811064d6d64e97e90ae1c379d29230bf30d3a75cd1695ea52b77

SHA512
84d9993abecd25d8fddd8565d82e7a06cf0568178c0fb83ab80056f7cc5fb3561ff5a746b08d4321b8fbd9659382a47367973cdc4c717f413062ad3de43bba9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
857B

MD5
50d9fd491fd3f69939ef6b8d39fcb61c

SHA1
0a1cb384d24f1a201450af5fd48517f765cee72c

SHA256
d8c16337fdbda0be20fc28cf6073ac78712786d78ab4dcde29a96a39f02cff7f

SHA512
6916fbb694e56e07c76d49144c016567023e37c149f43d4164dbfef0b5244bef782adcb4affeab6e006ebf3c9cb3e837a01a71fbb7b8155e656f051169bb1327

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e135d2b75e9ad30adc4b3ae009aacf2c

SHA1
dce799e20947641b7995f763d40157a519c443fa

SHA256
540a6caf73e5e33b68392898ff36a7f864af1cc80c09e2f71e0c8df53efd1ad2

SHA512
4b66749dacb75bf29e5de52f1b4063f233486c565e2ccee0f28f06fd3f3f1e5fa7270ec3110ed82f19a6f08794c138fef52350001fa019b70bffca3353111d30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7f6648c28ed4360b43343df057f4d9a1

SHA1
b1d370291105d8df06a3d9e635ae7e949bb7fa3b

SHA256
56951f221aea393d783e55a4f6b4e3a8b1a1088ab8cd08fda7e81d053bce2e86

SHA512
da2e5faf432d998b24d6d79688a05e1d236136ce46889e28e409ba17c4c7be0cd08321743c59f6ad53ddd6f5817caa5204a687adea75ddc651964ce43e470a8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e7b0d91e03848d26e97ebd2e224ffc34

SHA1
d61015a6ab656f73846f5810b6bf21ef6ec269eb

SHA256
68d26e02fa0165be48fd335981808055d09d562b63c622290e3615f0a2561b8f

SHA512
df2462e4580675296e545797b4d0f5988e54ff1623331fca403b36f79a70894594aa7ca779190a231a04f7ecf7339fb286a02522da21c996b79b429bb8b4df58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
605b7284e8a19e213385f9dddeffbe3e

SHA1
e4f6c8900b6033db772b5f87405b18471c40722e

SHA256
0aaf3bf002de462c052565065a40a13c9bf32347d7b878bfb454f4f331c15a00

SHA512
733390fd3b21664bc993e32be91dd5833661867ef0fe09d1e1a00b883ba64b5a0b26fbea149c44656be2615d371c687428e071f6987f35a2eee0828a6c1725e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b9eaf494d432956260d629e4a8f55091

SHA1
26a339c255ab6d426fcb3c0807ac8e11ffa70a5e

SHA256
1ceb51e17e7c56289abe79a1854efb5189b300927241cb36af4ff3c19de91a8d

SHA512
2b4820c3f8d1c0d23f591f70ff7604b3350acf719e1cefc02721fa1b2ea57db6c1830bfc22e7c00a72a9bf84086732e89f2adf9485998eff5e46c7fdaaf0702a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
af9b1c1b66c28d8bb951cd5b9799be91

SHA1
90369eadb6cddea181447066f9ca9b94ea463499

SHA256
ad461f6125f77e0431fffb6463b979a3bad5f7d0a8e34ea4ea4de992f883b5bb

SHA512
a7da6b91b5443605b5ca69a1213a33b368a9c69f41a9e6adeec8d91ee1168912a9463513b28fb63effeaf7aff2a30f6c0499f82c4cbf47425e4dae75004cbf30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
212KB

MD5
8066d6492e859a95f8a387f44f3b052e

SHA1
9a1e3bab24b5885389e0557a35b7266cc2694a7b

SHA256
ba5aed2c9e36964d67cece82baf383de1586027f59160a40b227d93b525d0cae

SHA512
e6c95e23ed2e046c2c8efe932cb945b7edc9c607d7c676d48cacc543139c4fc29a965833368575bb9b5659f23a7a685a6f490c852c0b9c6dd93bcfd808b7dac3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
212KB

MD5
8e46ae09c2471d498df26b4e8b4de4ab

SHA1
ad2298b2ec8220c4b195b8612840fc7d0789d539

SHA256
430e3b18c618270810601b03f8d33a83ed22d28ede4ab0a954c20639533e8c6e

SHA512
820f7a3a531a506201fa09e0e0537b1c3022d18a9fe3d51c863f3ae0906bf14fd9033c8967210d5698afb47ac92e125b5db03971942cd434c73d9e64f953eea0

Download Submit