hxxps://4download[.]net/1477-xfer-records-serum-serum-fx-full-version[.]html

Resubmissions

05/10/2024, 18:34

241005-w7twvayfnq 4

05/10/2024, 18:31

241005-w51avayfkq 3

Analysis

max time kernel
600s
max time network
443s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
05/10/2024, 18:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://4download.net/1477-xfer-records-serum-serum-fx-full-version.html

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133726268828775051"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3380	chrome.exe
3380	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 13 IoCs

pid	Process
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe
Token: SeShutdownPrivilege	3380	chrome.exe
Token: SeCreatePagefilePrivilege	3380	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe
3380	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3380 wrote to memory of 1692	3380	chrome.exe	78
PID 3380 wrote to memory of 1692	3380	chrome.exe	78
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1000	3380	chrome.exe	79
PID 3380 wrote to memory of 1512	3380	chrome.exe	80
PID 3380 wrote to memory of 1512	3380	chrome.exe	80
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81
PID 3380 wrote to memory of 3856	3380	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://4download.net/1477-xfer-records-serum-serum-fx-full-version.html
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd02b8cc40,0x7ffd02b8cc4c,0x7ffd02b8cc58
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1736,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1732 /prefetch:2
  2⤵
  PID:1000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2024,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  PID:1512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2344 /prefetch:8
  2⤵
  PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3100 /prefetch:1
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4512,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4532 /prefetch:8
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4732,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3340,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4716,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3444,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4960,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3756 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4724,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4976,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4528 /prefetch:1
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4896,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4544 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4552,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3436,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3448,i,10851217187952925981,15460862302252812876,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4824 /prefetch:1
  2⤵
  PID:4652

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3608

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2524

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\7fd71b6e-e9ff-4d92-9bcc-1023df080c26.tmp

Filesize
9KB

MD5
bb38f898e6deda1ec55ddd1155fcc161

SHA1
088086291e1b381b51aa07a38910c008888c5462

SHA256
e294c1417dba9aa163ec49e30745e058ee9a0df2940507a853baea7051eee555

SHA512
d9a461f5bdbdf4e5fbc45c41e91655420091f0ad2c87fdaaa14e3bc0e38e2a424d0130cc64f76b2aecfc16ebea2662c4500c31865c5c7260e79996a3d026770a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
9c755c9271174c53b2e34c9ab79da9e9

SHA1
07a73a66e5efb40fc11ce722b1a57ded3a8d235c

SHA256
5565d153988328b3f7efac4348b822a901f4d90254a63dc7c5b6e05afefd7969

SHA512
d7c00a25555b853a818f1a0e0f253ef09f057bbf588ba1127d5c986dab7161ea91498f9b097d0756637b89e788503485131ae48e3cf1e8fa468591a53ad7c80a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
3dbeaed187bc2c1ce9e9567cb486b9a4

SHA1
b3f46275c496778f1bab3a11e0ad60861a9cf162

SHA256
de953578a4d1dae158cb45b3984cbe42992f7516468957a41df2a25ebf9724b8

SHA512
6fb4c41e96f4be2c36005b801174e2cb114e378965c4f91ddb550b1338fd5fbaeb30359dbd041e94d950a22b09e688ac93f981c188642f10e377829d7811a4d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
962B

MD5
33dc8b073a844d383d9b777793fadffd

SHA1
8ded578965578314c8e622e43ec60ffcdde23d74

SHA256
37b4cc9183333f055996bf8300a39824d2dfe352d2ebc53033d6453fec3e1fca

SHA512
240ab1bc7c293e484e2d4a1daa1a3f0652e840b6fe2b36740fe91013284c5f909060382cb0178c632ef73323ff3c69aa859cbe4e90092a8aea965dd48a1a699c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b916316ffcf9757bd9ecbc81893963a9

SHA1
a7e5ce0a8ed9aac773e2c40873fdad6ac1d10881

SHA256
68df9f35908d5e855340adf3a83a7f3de4d9a9f62797679cb0f2bcc50efb10b7

SHA512
62f186c2cd7281c6b72f949f60448407fe66095d1cd76f5a304eb1cb23f00ee7501abc7eaede5ece1be45f627691ca67591f14690d7baa46c485828329c555e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
78fcafaff1e6816562339f0aff9d452d

SHA1
e0008064b44091f2a3f1f8b83f6e4c38d949c2a1

SHA256
be763b65ffc80dad55eafca2da3be0c8914c24b40b572445988703a8eb42700e

SHA512
6200d5283abbb754e74e98da398d27a9435c3c6b8dbaf03994beda9933d55b6af57ec66c9663016004e42f3998cd5d4ace0bcc12c53def544a3b4d3086b04389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
c208a911296f5c85415cff5c5f9d162b

SHA1
3c49796967d38b631367a3bf1c161e399a4e9822

SHA256
8eb3b156f4e1ef755739f522c1e1666f79645b550c4c807ee392443305da0b3a

SHA512
49e0ff56a0fa3457af5ff1eb2bbd872fa6c05a1fa23c52d591860c7e838f131e1ce919bc82bf61d8b6b51ecc975952169103d550dbeb48a5c8902a973f74f2a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
3b178401b113ae0e961c1e060b684fe5

SHA1
d59d092da9b9d57a67f0818963b407177fd13664

SHA256
6735b42d2387c96bcea8f2894b4b8812668becf8d1c565312869dcc4f636e10b

SHA512
72d27344a47dde9c98edbec6bd6c9224209249fc08ccde7c39a6e8c046f151480ee39ca49388d15042779fb98d3853f7b071c5291f7fff16c9cf1436e7310c3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
6600e24f953818c7cc09ed2c08b5950b

SHA1
a0267e03df22a1fa1c8fe3f11839aee40b06f33e

SHA256
2acf66ac981e19d725cb252b535587a7249b95d7cb3bf8230c11978e0ca715bc

SHA512
86666e4ba931c8ef13eef9be59feff4bdf5353eecea8bdb4927e5987d56dd70073641cecbe8d342b9c92d3309c726a95871f939ece5563ecf69788ff09fc88a9

Download Submit