hxxps://eicar[.]org

Analysis

max time kernel
101s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2024, 09:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://eicar.org

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Makes web request to EICAR website 1 IoCs

EICAR Anti-Malware test file, used to test the response of AV software.

description	flow	ioc
HTTP URL	74	https://www.eicar.org/download/eicar_com-zip/?wpdmdl=8847&refresh=6707a20ccf9d11728553484

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133730270784803844"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3756129449-3121373848-4276368241-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2064	chrome.exe
2064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2064	chrome.exe
2064	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe
Token: SeShutdownPrivilege	2064	chrome.exe
Token: SeCreatePagefilePrivilege	2064	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
4600	7zG.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2064 wrote to memory of 2848	2064	chrome.exe	83
PID 2064 wrote to memory of 2848	2064	chrome.exe	83
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 3672	2064	chrome.exe	85
PID 2064 wrote to memory of 1612	2064	chrome.exe	86
PID 2064 wrote to memory of 1612	2064	chrome.exe	86
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87
PID 2064 wrote to memory of 4208	2064	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://eicar.org
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff9a2d6cc40,0x7ff9a2d6cc4c,0x7ff9a2d6cc58
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2080,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2088 /prefetch:2
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1748,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2096 /prefetch:3
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2252,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2460 /prefetch:8
  2⤵
  PID:4208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4860,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4348,i,4049794141962628351,6298335876793846779,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:8
  2⤵
  PID:2864

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1484

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2944

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:212

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\eicar_com\" -ad -an -ai#7zMap2561:80:7zEvent7783
1⤵
- Suspicious use of FindShellTrayWindow
PID:4600

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
384B

MD5
f29b7874a71a75e356d5b6d58bd41582

SHA1
75eceed742ce6b2d0132f91a53e6a5a5f5a6e1ba

SHA256
63a2c0414e89b8268686726470cf0c9e2669805ab79cd933c67968c5ce620d90

SHA512
d4c24fa72462feaf536c9ac65a750372e13377285d99d12544cde1a9f93e0295fc7459dca0c1965c8fab246ff97b278f2257f21cc388543b63407e48d4cbcc03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f5f5a6912ab912b076d77c1b34a3d903

SHA1
807c98cc1bb66830d94693d34e35f20ef5bdf7e6

SHA256
7a0c4a7aa82f9b0b4df0527a126ec8e1f0c67bb71615e2dec5d4378704207b4d

SHA512
27bea3d6315f87bc9ec8418dec3f21e18d06ebbd964762c71d11eb795fa7e33f46e57aa4e517794debcf1ebf0f2342c97ade4d7aa3d7e3f90af4b11f447072e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
05b06fdddaa29a208f3a065da08d75bc

SHA1
7f7deb94cb0a619cc74cdb5a91b2416aa80358d9

SHA256
27a02edbefce4786d14828ca9522eb09370c652c96961c48ea3d3e53d5c25e91

SHA512
8cf9fe0984747ccd685eeebf01d095c69e23f375e6b78929dea59471481ba292cd2694215a016d50c04e05fa1bd044e3272723cd941366958ae16be1710cc037

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4682d4fdc63b234c14319c240319ef88

SHA1
024746a428017700830d25bd5e362e05f88f1110

SHA256
86abf00c6e180332def151fe52a6ec21c3584f0f378a9e4753f1025d5dec22dd

SHA512
bc048c990460755347442616fc17caec8beb7eff192d8beac3214120f36f4f0c2a3311b95f7a40ba8aee46cd45a542a1870cb916a8f772b491a9a46e5ebd827e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ca7b79b8379ea3163287b73e010e7235

SHA1
71f562daccb0057d829b12fe9ab6d27360667148

SHA256
ed3f4f992958dfa0ea9124125a494e68f60a2ab742b5aa26d7362177c11841e6

SHA512
03df7312567a9e6700af0d79e4dd186348ac500c062a402a8138bcb679114f411e2345f3b7f9603186665445575d56f356557034883d606c639b32b417f56f38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f29f2fa62489c7b4d57a977a5af300b0

SHA1
01b6bcb54dd0687d86c2424105050d8b072545ad

SHA256
684468b6d65a797e274207459f8589e58dd9d26ae50e7a2844c13517284ee4c7

SHA512
918ad0cf04506162bfd85628a59f94cd78078cd142d3ec510ea4f36cf455c5a0b34775141d672b88ac226d90fd82df2ad5f93d050b80f8975fcf7962958e0faf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1fd8f80578f122eca7db00c8f249db73

SHA1
3d06550533647c4af7bf8498ba71e20c98435634

SHA256
dad31eda935d477e634b59e5533367a1d583c12d0741422dabb222075134d273

SHA512
80a7691005bd56a9d6b1c5463bd2a13d5841358db7b0ee4f42808a17ea9a351874684e94d17d443a294ae09b758e8c051688956ea3f8bc83d8f7eb8edca5ce6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f2f9adb017c7c5973a4e36eac5d73bb3

SHA1
b43ff0a0cbea41d53354043fc1676dbbc8ca6b56

SHA256
b17deffb7463e22519ae24b995af19577e98fd5498058ff38078ae8383594785

SHA512
594c8b478a3f5da559cedd236c106d581f5885076fbb82f7e862af4b0ab60bdac0ae2ab7bb374d268c423dcac7c3ec2d09a0f9c7dbed2f899cbc4c415c2ef8e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2d9cbf9cf37ff6cd09a354dda80a68fa

SHA1
fde3e6c986adac13595314b47981e7b32d2a54cc

SHA256
6ec370363601fc6c04f8a42e3ec8c8cc70c51ad1ba0a7e1491984f42e9408e11

SHA512
1269f012a8e138967eec72779493fcf9b2915ab6e8ca50c83a27c9d2fdfbb6b9a32aec1378bacafc4a0261dd758750fade36e766360d2d21e281aabfc0bc7833

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
adfe91a87ebb1dd3600cf349e035a438

SHA1
90f92b038ae620454cb2ed80921c75599ef7fde1

SHA256
b2cdcdb971dbace170dd6685c02ed2acf3f9510c902bc18330762790e7e54053

SHA512
6f0ef2a66cd4f052b9900dc29b33dc49dfe12f1ec87a9064d4950562186f0c1e044e7ab34ac788852e891fb66f0fc4325f6ef4ae1a64f8d779448646828ced0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
781f76afa4a31fd171d297de4645d50e

SHA1
5d9236a9fa27a6cbcafe9c7ea22be2c7d66a3867

SHA256
794f7ecfe8b2f7f9646a3555ca4e0576a73381f86848df5240808c30c387f319

SHA512
8d373a22fb265eca0cd25aa832aafe0ddbbdcdc275dc5a8a8a529564d2e7b6277d92b74b543c4c106bbc4326829649f2b5c80d02885152730f005f5294ecf0a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
035a16aa944a1a1f7960c52d312545bc

SHA1
e2bf74e127f4c0efb12db658ada7f66acdaf87d0

SHA256
44bf485ac237f022e3e52eb78c89737a70ef21de4e9bee23b7e734ec5421db09

SHA512
ab6fa725a140bbf360b7acdbd86b92d83d05a327f3202490a3963b6be19934a7b7a383e6ae2581659bd9783278e649b31bf4133b701a2362eb5504754e89da1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\8938a509-4fa5-48e3-9773-0d25e57ee67f\index-dir\the-real-index

Filesize
72B

MD5
a6e4e0f610a6f31c5e212d72f3078a18

SHA1
3715928bd1a370102f2bf6ccb61cbd86be860a2e

SHA256
e2068e0e4d3822821a22dbf1b01f5852b5447028f37f82ccf1a0339c8733cc49

SHA512
a8e27a0704d6108f00ad996b9a09a79c84ede757c431c7a327df86074f43609c0a5d8e569f7eee5b59f2209b585e349fab9f99b089e9575148576d6925606ef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\8938a509-4fa5-48e3-9773-0d25e57ee67f\index-dir\the-real-index~RFe58c1f3.TMP

Filesize
48B

MD5
c663fb269e58d3c40213bc651a1d1aea

SHA1
ca9dc68812cbeb56d312d36f9d53815b9dee8b0f

SHA256
0f64e207425dee6ffd35b3c64272e0a889875072e79580d548a7ffbfb1cffd16

SHA512
bbb9065d68efe14b85dd6f4b4b3bfb4a32255df90d688346500d58e8131b884b7f3a257af6f9ed8ca789411e30821f4ae023bfce3d7324ff8adf6cb12685556c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\d170dc1f-0e8b-4472-bfe8-6006c498a9bb\index-dir\the-real-index

Filesize
96B

MD5
2438e954963effb4379c7dd47996ee8d

SHA1
245100cacc8d6b9eea71c5885055283817828bdd

SHA256
27ea840bc6be0b268b624c19114452fb7989848730203b15d72d495219a1e4ad

SHA512
8314b183b3206fd8bda6ab628709e6d8c0af6d166dceb8e47403e194f59624b5a4009cb31078f202e18cda2558ab25d95651d0d10c4b930612cdd7eb3359b7c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\d170dc1f-0e8b-4472-bfe8-6006c498a9bb\index-dir\the-real-index~RFe58054a.TMP

Filesize
48B

MD5
924131daea3935ec398f522afa2b18f7

SHA1
1015449545d9e8ac68f01a045427f0b493501238

SHA256
247e42db32b345543f6f1dba2cbd99c67f0d110e82207dc1d31bad40d08dc60f

SHA512
f0fc0efd22177fe5666ec85eefe96e7b6b899168608c34cddef0c448cba22f26b6434b99085ccac625ed7645bab9eeeed4224defe6b24acb85e1bd40b830bb92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\index.txt

Filesize
123B

MD5
9c66f8a5361190b48cfa94d3e75dd03b

SHA1
0942f68e785d273bbbfd7751c81257fe63600d6e

SHA256
a2957e55dedd4abfbb755458be40e27f9712f3c53139cd21b58d7bd3915e9c0f

SHA512
0589dcf0847939bdbcaded9aa0fb8910c83c1da01ab52145b1a86f35fc5a86ad42dcf996cbfd14a65b494f3842d5392b78b733bebc9e26ae8f6357edf12641de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\index.txt

Filesize
191B

MD5
a74b08cbf4dd92e05637601f34383aa9

SHA1
af029bde3f99906ae53ea91940aef1adf0ca9a22

SHA256
28369310fc260f6e009208d611219a0acc9ccbc666a0869c45491c2a6deef886

SHA512
e56e2c7db9f1c57384484150a31f5a3e96363d1c944386fde9b1b1b06b5a67d02e3310fb01b3865299ed4c037214be34e148755845ea39aefa885a7413e6df4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\index.txt

Filesize
194B

MD5
d42728b0523182894d7a98426badc572

SHA1
02887ae4d572e39f2618035741f688a35a3330ab

SHA256
0b5abe06922e3f25b7bf7e2e98f9c4eaf43d18457c459428ebba0604cdb85704

SHA512
b50758281a578c0b094ed579fcbb5ea4042a4216b336de5641c22f404fa70fce29102c768583ba43a2fea61ba5a53fb338657a770627de37671a018568c87777

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2cd97a63ed40912750b02b59ddac80637f281775\index.txt~RFe580579.TMP

Filesize
129B

MD5
b7162b1204e51b96713e12e852b50c04

SHA1
38af638be9960cbd14e8335eb80f308b0669fd29

SHA256
f7f84d1fd4f947a2d5f2b5badec196fc018e3d957735f5baad023330df69afb6

SHA512
865c7168d720579a81633c3bc58f4a41d26130b658203504c5409ece5ad0de7d031b8a0ea04651b58c962fb0c23a97824feaa9bc1f2a09a22bf255ac9126e07c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
240B

MD5
230fbacddca2dea0df924a222d10c9a9

SHA1
fd10f587a8de7e620b1853b1b75d68cd2e98843b

SHA256
6ca250a5ef0c8d2737951203492a85e7aca2713dfa8eb1ed5e89be66e08018b0

SHA512
6c8f94796655aa153172e0062a7a017cfccc6041f9624e5a55d1c605307a6ddf093628033d835adfebea22aa260ce31aa037be6013b36d897f0b74607d75b179

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
81d949e8db7160625d478b57e21fbefd

SHA1
e01ffbbc7d7bad2fe96469908d72558a9737c8ff

SHA256
ef69b0af9c291ee8cd4d2d599b04a2d50552a38661f2952e70ae6241b1a461c8

SHA512
0b26f127a0461403667c9f6c8d0f1117a22113c8ac97cefbf7a0297b38ccf53faccd176d8dabf02763a1d7f2d453ab80eacf67c3d67af75afb2deb5ca6b257ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
83ec73b1abaa99addb27c51829c88bb1

SHA1
8a1b4c5a6652293e7762dd084c1d735a7977751f

SHA256
b9b11eb20dc81db92ee77198f67ed921991e43da21115d6ff18dfb8c0f63f833

SHA512
1ee2d327a509bbf41b2a01698051de0aaae5e05f12365a78f64bad65e34643d971b3c01fa542c85102eb0fe2269762e117f719aa1344d409e4c024a7d451e026

Download Submit
C:\Users\Admin\Downloads\eicar_com.zip

Filesize
184B

MD5
6ce6f415d8475545be5ba114f208b0ff

SHA1
d27265074c9eac2e2122ed69294dbc4d7cce9141

SHA256
2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad

SHA512
d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

Download Submit