hxxps://www[.]curseforge[.]com/minecraft/mc-mods/reeses-sodium-options/download/5424058

Analysis

max time kernel
269s
max time network
271s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
05/10/2024, 05:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.curseforge.com/minecraft/mc-mods/reeses-sodium-options/download/5424058

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133725803108195408"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\reeses_sodium_options-1.7.2+mc1.21.jar:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe
Token: SeShutdownPrivilege	1600	chrome.exe
Token: SeCreatePagefilePrivilege	1600	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe
1600	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1600 wrote to memory of 640	1600	chrome.exe	78
PID 1600 wrote to memory of 640	1600	chrome.exe	78
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 1016	1600	chrome.exe	79
PID 1600 wrote to memory of 4580	1600	chrome.exe	80
PID 1600 wrote to memory of 4580	1600	chrome.exe	80
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81
PID 1600 wrote to memory of 456	1600	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.curseforge.com/minecraft/mc-mods/reeses-sodium-options/download/5424058
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd6396cc40,0x7ffd6396cc4c,0x7ffd6396cc58
  2⤵
  PID:640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1836,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1832 /prefetch:2
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2020,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2124 /prefetch:3
  2⤵
  PID:4580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2212 /prefetch:8
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4448,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4456 /prefetch:8
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5004,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4388,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5156 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5152,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5176,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5572,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5452 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5716,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5952,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5720 /prefetch:8
  2⤵
  - NTFS ADS
  PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5992,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6076 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6124,i,13680174775186590981,13047379962459635389,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4552

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3752

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1676

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
6ff0ac65da7260371de6acd84d5a51da

SHA1
eb72d10cacfce48a7eb921192b5135ab7a81b01c

SHA256
cf281d03f2e9ab0dd5ce18e78d2ff1d9391836371a30c90d8bccee7bdd02c303

SHA512
0a099ed739a9a1ac1ba8ffbab6b28c50a02d5daa1692c6924d0d79a0c29071c637bbc30a8923be517e9513f82aab90130661b2422495aa8a5208faea44061b25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1ec34083d6563680a7f4e357089b76fe

SHA1
a1dce2d7756ff78e302a35101f78dca55fe1c53a

SHA256
d54a8fee7dadbbbdeb4847d600a5004a189c6799fc75a1eeb4be8a5fef42af32

SHA512
393efc1b609e91264d54bbbfbbc5e2c4bbd8c21a5482bc498df9f26285bc089ccb431fc753f404e679672da9bcab12884c8941d5d5df2b108e5526015cf20e40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b8ab357a56b0241b2b5ca8496d9fd4b8

SHA1
f6c20a14d62569512ca9e2f1cfa43442533edf1d

SHA256
4bd0a0064625512eed0602a18eb18219a52d2e189db550070cfd32ac9ae2b66a

SHA512
6e3d716a6166595eadacc6bf1048eb7fdce06f4e950bceb68b516f7aaf6c26c1e23f78341f942fb3cabc7f12658d0c3fa49877d98b9ef938cdcc7ad34c27c81d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
15KB

MD5
fe32db9edc9a4353c388dfb9a90dca70

SHA1
47d6aeb875115303e174ef871336c6d84a3fe65f

SHA256
680bf6cffcedebc90123b5540f03980c0cbef11a32fcda2a18ba14c952fc9b01

SHA512
ca2fa75092c10d8ffd52f4323409410be2a93e2f7746b6728a983add85fc4a52891b35f84af95a19a8878d6e29ac2ee7264842920336b5955b1b737228405147

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
d1cdb9d1adfc979bcd58520a05e6aa4f

SHA1
2ca7cb14352308e411830b4a3fb114dbe692af85

SHA256
5b2b750f6b5ddba9258428e604d4d2e1bd53a39a5d3dcb1bd8f10abaceb2fc63

SHA512
2015ca896d87a38c9e18d0008f99925d264f902a810a4a4cc671570f27166c9633fc7db8f8c8ca48dcbc45ec710653c5cb76df80b49192cb5ec4ea8c407fdc15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
4c3b994064ef90e35bb54b620642c500

SHA1
44271c8c21f90851c635e4559ab288b784e57a1b

SHA256
972b4d73d1936ebd04f6d32d83792a5ec5ff435cef48bc2d6a493b1cc338cf4f

SHA512
6f443a25e27b4b423a5f10ec78ae82f9b26cf37d024aa7e608ccbf168bacbed60916645913b77f988d1b8132c7e57d2bfabe333d999ab4e96f20f4ab0cc5fa5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
c0839c39b9bfd68c51d857a2a0f52c9a

SHA1
5f302050acf6c374bab290f69db68f3d9b08e819

SHA256
41a63237e343cface2d2dd38f3bd7c99ba8ba7615c672e0f2249901b37607ef1

SHA512
b8292892c2d48365f87f9195c0c8b966903b638a8c22f3164ed4f71e6c690c4ca307d8491638fb38e93da944e9e9b525bda0f0f5fe037eb0ae091804ffd888fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0f7961c23891c6680e56ad8e19416195

SHA1
6cce89657507054c65ec5d9fb8e0e76a5103bdfd

SHA256
05c2b4d169aeda9404da8682122e0bd54ae40fd134f391cdf917d86022cee1a4

SHA512
6b9afd63901f38d14e6e024da399de6efd0350839b5cf5725fdf8b0356da576cb96bf4193d3ecfa7d4c3b3c3717b1bcb432ab1cc75061657b0adaeecaee03d96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ff143868a341062ed2969c82e55697c7

SHA1
ccfcceeb2c55825b22fcbfae0e2df07787a0ddc1

SHA256
62141142816751c8e915922e0e46ac8db61aa9068d9d8ce2526ebeae5405e94f

SHA512
27541b00923d0ff6092932da064a9021bf0db909e61c5c1e36c1096406885ea5d96d1b5aff22408278b689d4e29fc6f22d891cb6e15a0d110fec9702e169cf93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
fd0a20b2dcb2b354df2107d9df1a050a

SHA1
4fb47ffceab131b14ad843e38c916d5e31716147

SHA256
e94d2877b999c4fb7e78ada565a9c0e8b8ca0ea47ce71e9b939f480eb096c187

SHA512
2ba28f2427e2e9d6c3fc40b4c0b3a09580d154a527414d6c1f86f8a58219323761d9f07210e94a3e2c3083edb7a5b54b359968b3e3a85b95483614c15d1c1cd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e8ea7554b188b9181b285746a8d9de71

SHA1
697f88b7a0b7c7029b56d0cef045f7dd49f25dad

SHA256
dbfcd50a000278b084a9d5033ab60da08a4bb6e2b900d898f99e70daabb85697

SHA512
0b96f9931a5155b6d492cdfb09e79586ea63f96cb3d2c8e720d740ef2bc8dc68fbe0b633f32eb5a3254977ee988dacf58bd0c22a69d5e7af36eb330786dd229d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
8a97e1fd617be165250a8e337a4d77cf

SHA1
0d167d6cddc8d05cb078ae10e1d7761ca1e24787

SHA256
0493b92069f9a9ec68a4a0b3134c4a3541fd116ff2ec95a913f4fb3c5e0d46d7

SHA512
0e39d9644f1662c2c4cd5e0f5456bb34484500094cf6962c783390e30f164c747ee78103467c7adf0617caf0f3916ebb802b6f1ca5da32c4468fa3e6b2be39cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
9d7554fd9e63a097634c24b00a776b32

SHA1
0945c692f0da908bf152273076747aee9d67f6c4

SHA256
f26cdc1b62ffe1fd0abac0ff107ff2a66bcfa838ac9a8ece133b1fbf74cdad84

SHA512
744eb2c05b60483b99d4535c75de8c62d5951d44ff5040792ace7fb5d9573a18ee8fe0ce283a7174a984fd162f1a41b9e93dd364fd57a55d74eb60845e517ed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
5d539c384ac4f50608441cfdfa1efd8f

SHA1
fa52d352d5f1df4ec773eea3e7726f28b57c961f

SHA256
22bf97bc95b7e8ba20db99f464061936a1e7891889ad3658bb6955833587f985

SHA512
f2461e3920829253452e897e8b3417ac798f8a9a6395bb770ee6373ca877340fe2c2bd495e876d0a3d250dc757f825094569d24223c53e9f13458c28fd9e3207

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
fe3d295caacdac64fa8aff872e97d4eb

SHA1
deae2488c93551ea5de52b9df2e14377350dcc48

SHA256
53ee32e40c4218b77381f52e239d97c320ee270e6eb851677013d3c7a15e768c

SHA512
3a443c887863ad96f8146a63a6cf0d0a0d04fa859b6e3a5ab52f7efa2d43dd79810ffb031773f2a58fe62cda51b89706eeebe597eb519cff4ba404315719d91b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cdfe39bcd9114664ddb05f63abd7ef3d

SHA1
b178356de4d77d2338c88ccbfe0b0fdde82ebb2f

SHA256
3afe23caca8f4518142afb4aa29128ebe15f9f1f6dcb3e65da61a652f7b155ec

SHA512
b2fdcb20905e04e746c92f7085fcf92fabbf90ad70910e056257991e79a697317cf21fdec59270a78c7f8789ba01ea206da0133ecb534c40114d9158040e73c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bb922e3ee853858ddc20bcc24bae9603

SHA1
7f2a62cfd451d85cee44f1d722c238fe5718a41e

SHA256
c826722fb57de58e6afa09b6fb6ef605c75e8441f19d66cb0f95e8f21ac9942c

SHA512
2fb1bc83f955c88f3f7863fda4ae68cb4fbdfa94e1293d0d2ec2d2d1e70238450eae2977391ab41f067a394cba1c50abed150538bd8113bbdad1f7a6766cdc74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
17724bd320891dc655e4149fe6e6f252

SHA1
6a8949ac24080d88dcedd8172b2257661443fcb0

SHA256
ec338bf1b83b47bee08cdd685d1a8dd33e27084e7116354ee74d6361ce19c2f9

SHA512
1842f24dce5b047e80838d1a1596b16c32ee70a5883bfe45d9761a04066fe4e65d05243b49e419f1c874c67757dfe085c96cf4d2237abf61750e63939608d1ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
79425003796cfd18cf98f9510792f968

SHA1
58f35322158b6b897d9392bb3019ce5b8e92a358

SHA256
85fdecb45a18c275d8870348899f134836e9651b451f4b46f991f00235cd7256

SHA512
506b69581ec61bbc3e03fa9caf3020311dc0ae57c4ec992aa3d0d66d9082288ff24f879e53e8446c585822a48f7e3f574a18a2a33062474c004de31d1cbe298e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
251587d756df6cdb4a3bd25c1b6914e6

SHA1
5c5c0f5bf64f47b8564031fa0882240665cabcc6

SHA256
7db2e793f44e4355936141bcb5db744df786eb62a7fa592428246434b5a99ff1

SHA512
59d6f2dbc9bf0118d3b1a98a4e8f3149b3ae4a6e8410f97e91b4d5b718a6ec81491c776145f17af51d2adf9915ffa2d1aa9fb5431e99af8e2877c005493aea51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1079f7fc70da93c2ca0dfe411b87fb54

SHA1
9b4f1639773d469a28561f08e7ad1add33e1650b

SHA256
6474d868d66562ca9b658474f959ee44bda6146d2b52cfd0060fe39c16ddfabf

SHA512
c9b0b38861d3d92322ad074b8ed8dba118fa21c2862a8d4481e3f1a00a43f894c08b03e7ffa6949ebc8f3623722e7d557c717f1d8eb69017f9a045f2dc955031

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
38e82fd77c0c22521afc042fce66da1e

SHA1
4823977b001857e8466fdeb4d0f78a9f5751abdb

SHA256
9cf38ca1292e9c46f612b1d73e821be04f9dbe610a87f53af6df3d348817f3dd

SHA512
3c8b1638dcaef8236bea6ff259dc04edc38cbcddf05519310016a1f17072013a1cf29eed8fb6e32dc964d38cf068ee2b0c3c7c8ab24d3a748433dd5745c7067d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
79222852991b3a2fcd827e1a493205f7

SHA1
5a8bacfe796cec7d408e3bcae400d7f2a16049f6

SHA256
a62a5e37f6e300b2bece3a58e999187c0cca4074b23d628ff16b7112b6e4eccb

SHA512
53a515b79baf5d2d5458bdb00f1585f43e7e99eef0ff7adecd3dee8a29e063c429a4585c84a4f14e3614a5f71ea52871d61b216e0b853e8ce221dd7c2354aeb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a7305de58731ea3465e01645dc49234f

SHA1
85b24d3db75893a213d34660ea81f874e23f22eb

SHA256
820d8fd8178dfe3a35a53245483f7e455862494ddfe1c103fdfafc381a243fc6

SHA512
2c04c58f13cf7cafa1ba12eae3e260547a10a7331741a13ecccb8a2b3dcc0b927fe078dd7e1d231e39a0e7a8232ef232b72fd08dcaac15a348a6b610a2be1556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3fd51fd620b9f84fdf88b99d0b516ad3

SHA1
5ba37578217aacccbc7997cabcbb5d7d0439471a

SHA256
c07c2d22cbf0c70e531f131933e4442e61c5f479acd88f5af08affdc8c8938fb

SHA512
05efbab26a47dc03a553eae6f5bdf8953df14a1edb181a63a2264b1d678d4d866f3a19a338af00ba7928f6242753e9af75cc8fdc82821be13daddeafd2583943

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7ee1e69961e319f57b0a0265b004ab6

SHA1
69c7c98ac4bac407c94298e52e8d840783d95d80

SHA256
f4a57468e06fbb4a6c2d12fc4d996d95188bfdf172a0fb93640b2eb1569010bb

SHA512
34406f390146a8337d221410ee0fee16ecbe9267c474c39973d04ec36bb3c6a5c313a7fda5b2f68eb90bd530e03a0d411f68cb3c82d68f93e1ff85ba7cb84787

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dac7f5ac1948a81575a1c43fbc9065f6

SHA1
6c708453b59a5b5694e36b8fc379f475dcd8e1b6

SHA256
0154c4b0be9eb83ecf9e59d027c155e6562aa40d7e45e176fb69cae8fc52d5f9

SHA512
72970b81f239e2228f04d3276cd9eb9326b5171ce40958a9d08b514e5d903a96ce6d96ba65afdb714bd0d03f74d1f003eb6954950e97de95fcdc2f864e6c2af3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
89e59e0549b5998417dd5346f610be7a

SHA1
6c4f4376a541a03a8c77713b23f1d964cc6b043d

SHA256
8663531aeea5d5fcc4cf4d1c1bdb6892617db9581f5ba13030b88ebee71958f6

SHA512
289a573d28e26a3c596610a478b1214af04d412099b14d9c639aafb928cf1f104a0ab5b7f06a1882277fde306d1777b58cbb33b2cc1e20449b4dc1ed674b63be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
97da54bb4cdefd74b5155e15b92525fc

SHA1
8c49acaa9772945969789bb48eb3f7bdbad77ec2

SHA256
a89a0be25aa6eda13eb101a967b3c5e49f777c2c13124d6163a6de162dc5e782

SHA512
e8c69a61160bb7e042cfb5120d772681d37a85aa688e21cac6dca9b4f758cbd29b733a877d15585bb161332b3838efa213e817ce8e621d6c746c147a92e16708

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
53e8ad186d1ff4beecaba6682588d411

SHA1
64591ae694b750de4eed5dfb45af9926c4575efe

SHA256
dbd3e8707f0b23406382690923bd53a20608ef818d13cfc6c43808aff10c3e14

SHA512
8a70ab6ce1085910f72093648fa24bfe03e238bb0b08a7229deb12e2c82b2209d69d156e531d52ef734c1b7603e60320c092a85c2b4dac590e6959541e6a338a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
55044a8e01d206410d3f54d4a904d950

SHA1
cf8361b046339772f75bc9a1b651951973de1708

SHA256
be32310188dc08d4f1eb5735937fabaf0bf05329284502cd24533d8ffd90e660

SHA512
b28198179bdb3dc50e53c8b2cca8c5e40cfc5050246f63a804c1901e96c860d02efcc37eebe9adf9c08519ff632264ce0d49011a277d3f1d88f97c53f7f27c94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3833fcb9029328a08e7a6fd94586a8fe

SHA1
de3c207b6e4d8527939b7a009ee03aeaff50ca71

SHA256
4d98f7c43e8fde533c2f44be60e3784c0ac8af4cf9ede3775cefa5b0318ecb5e

SHA512
5a696c6813200772632d6ef6626220e6351f2b007df80b806641e4fccc0e6571b51f482e4675757e6a4504519d13b0d2208395ce4aa19f914031c21d23418599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
33f0fb6fdfeb7f25f90e7055c75516cc

SHA1
41dc9c5f1b6af2edd229d5595ea1a207bb716efb

SHA256
76c11c9e3937e66c755e754d160132eb0dc76e64059430b579fced31b0d7ebc9

SHA512
235761cfcdcc7d835720b1cb7f9b20f396fc7460dc02c8cda06a8a2e919204548e0a05a2015a7c7ac0b2a6d6dcbf6b29a98df230e268013b9f01c017500698ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
cbefecb0fac5dfb155afcd3edd918e0e

SHA1
6ec9f3f2d0583a595a1d45cbaca7c38cdc2527cd

SHA256
8700f6b55b6029cf0bc79f4314528df434785122528997a161a6ec0e872e13d1

SHA512
036763775a51bf2ab6d2b5df74a70fdcd177c53420586597e17dfd9f6408d002c55d245419b189d83bf83ee0198cdfef9007290485f417556e80567bc563b80e

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 927041.crdownload

Filesize
75KB

MD5
c01d1183e960d8d2b9c6dcaa6e508ade

SHA1
cc4e16bba55547494667ec257349f66695e029de

SHA256
39062ee7a4943af6e0a3d833368deafa6f922b70f1d1393e40e9275f272b5ca2

SHA512
0efb27850ca643f2e51eb5b42bd657eb8e301dd1050acfb7a5c7b6e892fd3e2143eaf16e7d90d4917de6f76241ea99a27efd75b0a408173caf63529aa1fc0a5d

Download Submit
C:\Users\Admin\Downloads\reeses_sodium_options-1.7.2+mc1.21.jar:Zone.Identifier

Filesize
163B

MD5
731fe9ba57c656d8bb1bc66b196f35d0

SHA1
5e2142c0827bc042ba5a42ade0df049354106da0

SHA256
f75e601a82d68a6d426f4ee9e466c766d3b7600bb01090acd4abcb63bff78d81

SHA512
6078a2fd8783317480fb8b7d3ad0d40ed4a024cb7c5d975c464486411b200183dab504d1d8c03103f4145f327b776f030b10380d417aea15dd6280e2a9692f3a

Download Submit