1316c0afbe65e24b66a9f93c3429446fc8e3fff2abe42c81d46976fbb40d410c

Analysis

max time kernel
194s
max time network
200s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
30-10-2024 23:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Mods/MMCEx.Resources/3.0.0.0_en_31bf3856ad364e35/MMCEx.Resources.dll
Size

36KB
MD5

06db3ed3db8744254e2f78fafdaf8c1f
SHA1

4d9e22ff77fa1afa2d134f7816c10a5725825590
SHA256

82bcbc3de8adb8f08e1df439b21433437f75c9e7ca5314c0b5a4fbf96b83df8b
SHA512

aaa0dd60f14a15e65ba47fecc2948492b78cbac883ed8195f45420844b6df0ad5d4d869470853561d06c36b3a5acd2cf7157f3db33817913403ed4813c25dba9
SSDEEP

384:alJ5bH1N5JfqRNSWZ3dNmjxpqS+udjpI0idKQWh6W:alHHaN9NmjIup+0icf

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133748045657281025"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3587106988-279496464-3440778474-1000\{660E676E-E231-48AE-AB0E-400A0A05E36F}	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4152	chrome.exe
4152	chrome.exe
5084	chrome.exe
5084	chrome.exe
5084	chrome.exe
5084	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs

pid	Process
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: 33	4508	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4508	AUDIODG.EXE
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe
Token: SeShutdownPrivilege	4152	chrome.exe
Token: SeCreatePagefilePrivilege	4152	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe
4152	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4152 wrote to memory of 3536	4152	chrome.exe	87
PID 4152 wrote to memory of 3536	4152	chrome.exe	87
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 2468	4152	chrome.exe	88
PID 4152 wrote to memory of 1596	4152	chrome.exe	89
PID 4152 wrote to memory of 1596	4152	chrome.exe	89
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90
PID 4152 wrote to memory of 1624	4152	chrome.exe	90

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Mods\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll,#1
1⤵
PID:3404

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:32

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa38dbcc40,0x7ffa38dbcc4c,0x7ffa38dbcc58
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1804,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1884 /prefetch:3
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2228 /prefetch:8
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:4012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3160,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3096,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4492 /prefetch:1
  2⤵
  PID:3196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4620,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4440 /prefetch:8
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3572,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4728 /prefetch:8
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4736,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5024,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5036 /prefetch:8
  2⤵
  PID:1332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5000,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5156 /prefetch:8
  2⤵
  PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4464,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4904 /prefetch:8
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4968,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3236,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3492,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3260 /prefetch:8
  2⤵
  PID:1272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3444,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3456 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5380,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5424 /prefetch:8
  2⤵
  PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3432,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5912,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6056,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6064,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5656 /prefetch:1
  2⤵
  PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3248,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5980,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5644,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6180 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5932,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5284 /prefetch:1
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5612,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5684 /prefetch:1
  2⤵
  PID:1976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=4916,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5864,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3484,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=5044,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6320,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6296 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=5888,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5844 /prefetch:1
  2⤵
  PID:244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6844,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6876 /prefetch:1
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=5744,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6884 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7068,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6408 /prefetch:1
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6436,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5960 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6060,i,13005270537639552632,15076300333498463506,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:5224

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3076

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3532

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E0 0x00000000000004E4
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4508

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:1464

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
11d253b3a6f1f94b363fcb04e607acd2

SHA1
9917081d96e0d89a6c6997cc2d4aad6366ecfcbc

SHA256
20152f2fc1ca7717b9b858435b3658ce0879f28944bf822210e5ac5e148cc7ff

SHA512
101086c8c2805dcb8bb4e2a3c979574fea1cf0268859804c350f05a85945216de51bce90981a11d08c9a7043efee5130ede5c5a376cd86707dcc90c0e4f45334

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1777b2e69776fe098d22abc82051c994

SHA1
960fb8b30f935fbcd9243d0c1161d37a3e196e3d

SHA256
b83cb878d91d7a1a86db33707e4bcb240be6d780014c83c814ffb781f6c1fce0

SHA512
a35d8965892001914c6c1c6e49b0595764e1e40c6012aaea06012b4136d437a54e43a135986b867a97e5e1bcbe7875db25659de14fd69709b4ddcf7883024c08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
232KB

MD5
6fcbc9d99553af671240cedbab34eb37

SHA1
5943dc3b0f7973986b6c4b0c29181ca59c28f04f

SHA256
d496c5d3fea7d1c80ea62964f46dffe3918f15d150631ea81a9c23a08259bd0b

SHA512
d61459f4f5ab5f29eed0f890ae7f596f2cd4cf182b214c4ec49ca969cc6fcd6e748482611226d4555b7255020d0995d66c3b1b4b977c0f254ddb839f22b4ec09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
48KB

MD5
c516fc64c2ce2da54e42fa31bd5e663a

SHA1
91323242547fb20ba7c4751ba23469907dcf38e3

SHA256
23625b65966e0e7aee05db5af64384107139cfb3b23783e51e2d98bd6b7c8921

SHA512
69b802c19e43c72d0ba03b12ea31b9a4034073ef7cd9db7c6bf1ba649a927abc99ad08655c78bc9ce380a6ee48442533ad23ac44e2728252f040a20b598f7296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060

Filesize
20KB

MD5
51ada20f3d9b2e10bf253625b6d3e93c

SHA1
33ae5c605995bae21738b607de2e6ada6c36f947

SHA256
cf059862ab8406773d991f3fbbfc8ac5da8333cb3f0ea9735718a0ceb0e3bb41

SHA512
aaedf597d8ca4bbaf6f44a621b60b08aa699b788ed2b938b32044715d692b3e5536db1293e237b1fc904a87fe9f8e2121eb8f4a31c93b2e596e190762aeaca18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
7d0d0643a0418f0230327b61b5b7f955

SHA1
a888037c634404a10e42105b360ec08cd1b97bdf

SHA256
31f933139e78706a6662d09d6615c814c171c93e4fad7e9594cfd0b7bc375601

SHA512
96163a1ddea916524bf5c05ac2bfcfc2a0950bdcb64433a014f6e16dc56d3b42c38228ff66afaa40f3b84d3aa467e5cbe09f570c09ff5d82ee91c1b485040d03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
ca1e4e1d2014bbbdc9858863487ea147

SHA1
a10724386173bcd79182906a0ad9485d46809e43

SHA256
bf38cb4ea79f478bcdcf0cd6e1c643c0afd9b43ceaacd5da2709a495f2ce763a

SHA512
15fb5352d3ed0fcbc784c80dcd8a4e2f748f1fd648ff286b4ccc37f68ece4bea75847ff973e951166137bc1b78ee1d48994ef592686cd3a599d6417cf5371f42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
38578868411a89000427685c0a147e43

SHA1
b0c0467c4d1b2d7b824b76c055cb8916c6b07a0c

SHA256
9ecd0881cf0c51304b93e5d06dc27271d9019a1986797b31569af6ea7f392fe1

SHA512
436256c81dda406cc6cf3b4d6aab36d80d2c32ca976a86708f659b7639c2db995d4e66daa1735d9ad6c0e891a7a42028d4ac08c072098c4f0876cf7d7e30d813

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
84b6764327df52025ea6acbeb55b5204

SHA1
36a75a5ba909dabb4f2f7e3490f22d7084a16219

SHA256
e64e09844b42ad4e117b470ad10824a74f6c74262e8539e598ccf9a0accd9072

SHA512
233a05e061ae181af40cda36c7725f2fc4eac4677ca999ab983999615045ed83c9572b07331b55fce4b0d1ecb83c841179654c9f3df91f7a03e7cd36b58c9852

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
01b41e492b1594268990a1dbc25a0e45

SHA1
e21a9ed790728a63ed3189eef2175e6c355349de

SHA256
fadb57d667311e999d2d52e663797d61776e50a6eda682fe28e9979bb3b81760

SHA512
7b9e16c079a6a1d27ce5b690fcfeae09e97bf14e627f4272569602372ba9db34a8f90f97b603f11a20048554047525e91e8bb3822c4246f8f00e1e1bd97e2795

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
f05cd45e3b43fd71ffacde85478cbe46

SHA1
7eb38674a99805073f6ee90effec24aae0f8f617

SHA256
9ebad69003233e4e72f3bddf6d381ee9acdfa5b9664e7776fb3752e393924395

SHA512
28c68ac0c6ad954cef291b9ae87848cfaede268d85490a022e63d75628d40ea6fabc58a5305943ffe940b8462a059da855de6410e31086815d78c30daeed4aea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
4d9875e3e9106630b6f3c81abfbd200f

SHA1
706e5bb4fcb17a3b9932198d881f7d238c1a4040

SHA256
d9042815244c7d7da2297e0f7bbc218cae4683588d53bbfda79708f7a174b055

SHA512
a51fe671ec8ea05579ec3ddc05f9ff1923f7f8a0f86e2bf581c37f38a89f252918adf1d28d62d9c89f398781cd2fb3c0a6188df35f80f5e9a79f0a5241cedfbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
83a60b31dbc4e5c2fba5fe2e36930ea9

SHA1
c48611d5ae8a4f4fe94dfec5a468531d6a8f407f

SHA256
47a940c7c9d142529446c31b23978baafd1ec814acecdd7f01c8cdb5ea604795

SHA512
9cdd55c8dcc18961dafb6b40cc0d47e50d3524f3a64bdb472e108526746c231132112e603db52d6ee8d0121378cc32f327da3eff4f7faaf0f00f59ee5f84a5ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
01ac4ea41fcacfde9aafd5b4f0502354

SHA1
68c85db39b13c816c6869f3bd2c133f4c34f2843

SHA256
0bc92dcb459bc7accc59d3949fb03214bcb8af61f4ee7e246fac972033ac3032

SHA512
f4064c61118d94ffb2dc385b49ac0e77c614b91f9c46942d52a351abe7ce2cae11408a02a680cb31364c149a17d8a1b402555123fce98e99ef60be2d64a14a54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
971a6956fdfa563ad4255e3f764c98aa

SHA1
5b539de3bad5ddc0f9646c0f93e766ab53b7f885

SHA256
27fcae047343cccbe8bfb18c1ebec6cd7cfbbf627eb91d0d354ef840ddf9ced9

SHA512
7ec18918fe23846995c81eaa746e4072bf4780ae3cea8c8c0f89cea33dec756c663a45af5b36071f9cf0833bd6b459f43dd783fb07d53746e86a4ac48b0b82b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
ad99062549efbda0b4bdf64dff6436b1

SHA1
03a8998ca13e06fb3d5bf2a795a2d2ecf6384d5b

SHA256
a5d46f52d1106dd1a40414e5240b74c5cee3d78f90072374f4fe843045b11a99

SHA512
b2265824f6135fe5be4be33fe81dc066c70bf2f8a38e728c0d3c57395ed5b07dd906b17ef0b852b2cd6858f4e84d05ad373f08cd4f2010542761fafe9d5d269d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2f8934b0e3482538d5fc18703f14c69c

SHA1
553ef0cf4bd95937d25cbefdaffda4a8d07929d6

SHA256
cc70d533aad39242b59ceb9cecf9c7067381f55439fdf264f93d74c8829c0f91

SHA512
c576a3e03fb76db9d2064c89c90caff364ba5bb7ae8da805b4f600b2285d43f74efce73270905660a308f226805b1bea1aa35f07b43de5a9b43a2cae3cd148e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c854a9339511c0efad4bd43e09875145

SHA1
286c2b5df6cea267d4de6b722d59ac059490c0b0

SHA256
4629b01a241fdae66c1f59cb5b5c1a7d3b846d235f5270f02a057b98141bc4ef

SHA512
913d9c6fc3da745743ae5722380562d849ef759af2804f92816bbf229e71b14711ffff466c816361f0ef3d8ff2b1142efddca3b0c5dfbae1767b5d284705a995

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
da500257c8727851ca1ec1b1920f9e49

SHA1
171185af9468dd909a3e21a1e2298bab3852a2e6

SHA256
8770f8dddfc90f03f76888a444c58b5b7f1397b4d18071845259d8050366ad25

SHA512
4513029e8df391039648ef8a4742f567256c210569837752b9f2e0d38f20a254fa8401f4deba343c5f5d580b8bec06eef4e58d9de73f1713669699feec763dd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
83959ae7b2746c9f719030d2c0aa145d

SHA1
c1d21453369abc5bad158c30a82a1b5e3b4c057c

SHA256
eb91e2f6d069b91c761cb30ea37a3dc4e1b92d6b57332b6700279759cfe48a6e

SHA512
80715af373dea8ed8689b04d11ccfa956b709d3107857aac193fef8a5391fa33261de2a53fb9a33c99cf94f75e5312854a321670208148059695e95acf778030

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a2e56f6270ee35f971122abc6e31d590

SHA1
29767362e6d8c16b23ef087ebf9e124d1b5243d8

SHA256
4e31946338bf2f7f8f93e27063e55f6dd50888fbfaf2108739d96dc96fddbbea

SHA512
c1f297ed57233795216ef02378b13638e44c3f5e2e331e49c5ac5f987e4a607b3e797a9743ee4daae39f288eb01e35e02cfa0b258461665a73167ff573e2701a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e5b9ffd2e17500a6153a39a99329fef9

SHA1
d9404575d7421ae05af0caae27ec71b70fa4d464

SHA256
b8db2e5cddbf7aea37fbbf1435322d396c2edccb932976621951db8c63b9620c

SHA512
86fcc138d3ba9a8bd561545679aa16e46d0699c6e55b88fc80d0a4b69a46db3e38fc17fe7ff893b1d8428d2cbd9039a52230c35b495ed36c66b0f7699458f2b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7d838cda9113072e2887c9b8bac6013e

SHA1
85a634ed0e45ed3dcaf9b3f9b5cff54193699020

SHA256
01c27dd61e41a7c9fdd8923929402b596593a1391d103ee1ac728701be74d551

SHA512
df0f54314cc74e4fcfc9808005fd35f7c746840f7da79cb4b920cc94732d425df0f51905f0c2e8f8c05522ef89bbfaf4a1c26b72fb649e1b627144c7696685c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
8cbf39e8e7fc73b9daa0d98e9e15e7fc

SHA1
2e7c983550c45b036cad410ee90593d27bf2adbd

SHA256
550dc0de079607e648231a4af1f0ec392e7289a31a4f77d03e7d7a72138a7ab3

SHA512
f3b6d227edbb9bac3096f0a2a4280daab06d4e8d67348500630638ac6deb460f4dad486f3f0f22905fc74425d4b995fb63f14ba3992c010744d06ed1e8ed5b95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
ce0e69981eff6c0be4e5cbb9d686fa28

SHA1
1c615ed36221d290a28dc6e386d0572548b08852

SHA256
1ce117f0ce590016d940f71ca6465eaa95e4be42c948dc287dfa113f30f0a0e1

SHA512
63733beb5c19a2d048c9a652d2776b956e96753b0c6ae71e70a8cc184ab1a235f3f496356f2357a00976b06cdca99223f40232626cc7bdb378683e9712be9591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
4809248e713754accae5b62205ac24a5

SHA1
2835b900d05be71b141a4c85a2be101a57cf8d60

SHA256
f6dd78246fd78be6b280db5c615e59bc8e0eba30e318721c8df8c13012c10ae2

SHA512
e6e8e76221f75fea2ed356ba5ebc43e7282fd3800cd5aef82d75b2b6e9e161f8037b216019cf6d52230eadcc2ab4fffb0b2ce07bacaafeb66f47839c9e4a71c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
f11931343922c1d1437d35ae1b9ba0dc

SHA1
045aa5dc61366d97c1728f6cb4d228d0d047d1fa

SHA256
03387da04388096386cd1b229f7bc8e6c3a2d924e17bfa695d1537467c358580

SHA512
6694a9e3111aca4acb1513d01cf2db7edaeddd1c59d3a91c25a233c47efcbe559a6c399e07b83dc80aad5a3c95f0aba623b6daa404041d4d4495babb4e337145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2c14c066-4361-4ba9-8120-02e615feaf5c\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2c14c066-4361-4ba9-8120-02e615feaf5c\index-dir\the-real-index

Filesize
624B

MD5
9c1b9db389c0f6eae8936a3cb9e9c2e9

SHA1
0c247d16c7fd366fc7f229c2737dc455cfdce3cc

SHA256
6fa08e52d3d3b4b389e2ea5a11ebb65dd648f8b91dd1b2b7a1398afc8d133c43

SHA512
7fed66506d9e85fa6df654dff9c1cbc6f36139b7056c8f72b4113530e24fba8696299a0844c58a37b3ede3fdd8f6ae9d2573b622eed8c1233774877c4909ccfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\2c14c066-4361-4ba9-8120-02e615feaf5c\index-dir\the-real-index~RFe597296.TMP

Filesize
48B

MD5
8b031da5d08bcf0603143fb3f235f311

SHA1
e37475b68f635da4cbc8058761c7976a02a862d1

SHA256
c792be9281348789a1c8558a0fb9d589b7caea512bccaedfcb99b6415cfa1d91

SHA512
ecc6b99d6dd5b68710f577e71137e56058cd71b8a53d66d0c9c2c21b33d9629c7c9ce223132d436edb1ead0d5ff6c27bd1630f7029a8150c88cbbd3f313317f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\937b17a5-b917-4e27-ae21-412ff3a5c367\index-dir\the-real-index

Filesize
2KB

MD5
52f056a3f62c0e2551eeefec5b4d371c

SHA1
809336eebbedf796711527c8bf7bcb40b47bb0d1

SHA256
e81bc081168ee74008b7aa2765f50dadb2e9fccb10275c16acb44db73dbab189

SHA512
3e73244f0c9d9045dee9427752d91fc5b7438da769adc4725b778cc8d288aea9d5c85ab3efbb15ef9d2383fa513f197ee9bb8dfb355b75427443d3318ccb53ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\937b17a5-b917-4e27-ae21-412ff3a5c367\index-dir\the-real-index

Filesize
2KB

MD5
5159529487f32513ad49dc9c40ec31aa

SHA1
fc7c3905ec76b19d285980041566937c5fb68482

SHA256
55349791bee42d84dfa5c46c71947a1b85540287dee9e60faa2fc8ba47664da9

SHA512
62e5185eaea8c0132135885d427f037bcd2d3d66dc621914ad9e1f2657d06153ffa57f4c8aa93eb151a26230a00e857e21c0c05cae212d0f4d93d676ded264ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\937b17a5-b917-4e27-ae21-412ff3a5c367\index-dir\the-real-index~RFe5915ff.TMP

Filesize
48B

MD5
975f87e8d375b0270d629a9f6b20f658

SHA1
37588c222f8d8bc338f22387325b57674480aab8

SHA256
5396f4d506ccc85d3358ec3847af27b7f399814f06b321170b44a2d4c397d599

SHA512
8e671e3bc1a484e605b0bf035aa76b7b604aedd6e0c8cdce96635c6a009d5b7e90153a129885ee5ddd7dd97b90f090829e4f7cedaf4be969d7424a81e87680ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
178B

MD5
ed93211b58e2064e25fb98ee7c23826a

SHA1
45852001356ef642352ca78c9b1157d5ee895d54

SHA256
2a5f6b4b08705f7307901887ce7dceaadf373efa1b7e9150820f9a2bbb7c060f

SHA512
e74a6e58a8e087acca32e1b4fcc5c53e12903ad373c80a43b8f6d0741c15cf8d9c0063b898a7b5338c23d6f2ccd4f2ae1b0fea54c01773697f2fc23593846cb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
228ecfddd3955322e8c7c179c80a95c8

SHA1
99f1cd6914679ae37df3ef1443292afd23517cc5

SHA256
87bb79ff7f118a4c24f15200471b478c62fd3d8feb99a23d028e63544d976fa6

SHA512
280716f70f7de662c550e824e0d067d0c568e07749a052477dc14f01727be43b0cf73b4d4453bbbb6e6e710f36fa36b53eb067729495c90e3ec90ff5193dffdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
183B

MD5
f7aaad39a005c4206067222e57b995f7

SHA1
d1b4f093b82af60d95849bd5248b04b61b080362

SHA256
6999a67717af20daa4b6d4b5972624dc5711923b5a0c9c1bbebd73357d764ba2

SHA512
e41046b11f7284b8be77759545815aee63a5e68fba6c49d49970310bff0a681563d1157c92a2ad959b76d4baeaaaddfb747c32e78bad48d2bae27a88b98868c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
f539be4bc85828f64f36134e384af0e4

SHA1
b4fb2f5d4291ad29dc410689fd06b7b58d9a0399

SHA256
823443dbb132dea734d7396949736f6f00923a6566a40b696122bb3e4f9fd451

SHA512
8be5e65f8cc442e3f350468e07a0d92ecc28e0c66bb429015f4a7707761140d6c2880c671a7905ff59e350da9a7b45afbf4589d2b5847f72789f920823d36c32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
6fcf4b8d6b8eb06d4840e85a4bce2af8

SHA1
170a47866147cfdf3fadd629d2e7850c7b0b5c2a

SHA256
3a5406536c5edb170a84b0979290cda50db5d85a89e456c41bb6c7085b1b4ba2

SHA512
f4d2a8fd26abc7074ce54b8a14944c4bca95dc4d775d25149a8e8120d410161018dc9fa606207932c089e41f631c49b702ee091000ce48b62a293aad083ace4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
187B

MD5
4c38c1e99ce2a01ed8871ae0503559c7

SHA1
d55c480cd5fe676abc42dc8c9f225f0f7d0d7501

SHA256
809241accc32642eb771eead3967ae23faef598c0ae87f0435bd41e514a6c7e0

SHA512
442193047cd97445b294cb68231377f33552888105580c257da8509e2062acca716c9b8280b8be62ec3cc5009b82cc301c88da398d8122aaf6d4cdf86a1ea2bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58de55.TMP

Filesize
119B

MD5
1d269f1a174d1e9a6cce49c5fea3d9fd

SHA1
addeb08b975a90ff634a57dddfc090393c3be7e8

SHA256
d5c95f83afeef56dd2b04b9629620875744bcf7a6d34eea5afd3a08a514c7ba9

SHA512
650a6dd5d50a925c0200f9b1bc240908b835f640a6a5c266739c8f0fa8912b91fecdca934a813116c65667985969562306b6ceff5e9169a554d94c26b17a73bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
28e9db080e2d3e90ce64d47f91bd3fa6

SHA1
e451ae9defd93c3a13f9b23babaa73fdcfaf88a8

SHA256
9b2cecde04dfe0d9ad06c620f182130556ec38fe2f5729b410a01075609b54d4

SHA512
23c11a62242a70d63468a455b669d177ff3926a3834b4ad5df1aca7ff221654af6aac82d68e009b8bf4628bf8e583449b0a69c835c8c20832aea0e441457848d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
35db15b63a436a2003374af8251b0264

SHA1
d9e0530cc65b1b8d21c1faac55506886e3c4a4c9

SHA256
f1051ca961d5b9c018141ce232a341b56900afe2e9028fd825d67aa71005f794

SHA512
297abd4adfd3e29ab59d1f154fb44870e7a59c774274f4f13c5be8f501bdb94dc2910f76507057c4ed142d24ea6e991b9b9c7f54b21026dd77bdc23d9528fac2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
529a0ad2f85dff6370e98e206ecb6ef9

SHA1
7a4ff97f02962afeca94f1815168f41ba54b0691

SHA256
31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

SHA512
d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4152_697539413\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
206fd9669027c437a36fbf7d73657db7

SHA1
8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

SHA256
0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

SHA512
2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

Filesize
86B

MD5
e1c3b24e4dcca5d17a0c51e4a45c82aa

SHA1
900635944dbad742ae82aa5476935e97faab3ee1

SHA256
0c003223a442d4b7b17d1d2ea8e45d85d08112d49e3939d77c078f46a634117a

SHA512
5493c45b4aba4bb1e4a07bbcabd2fb3a0dfbb4c5a3f3ac6988405d02c82e9690ed5e2a378d042bab89019e2e75a126b2225837dfc8ef6a8abcd7accda727966e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe59bf8d.TMP

Filesize
150B

MD5
3b0b90b2cc0bb4fd180b3f0fdba6e008

SHA1
420417b277bfeb5adcc3331ef8f17f6fc9d6fd70

SHA256
71c23edb5b1bb3fa1e00f90789849e5cf048c81f4e0e51783ea9e25e930882c9

SHA512
51a917d8a20d3ed23478d4c6fa382ec6733fa82c43e93244b85e0f8a7ae98151afcbe59526a390b7923b5478a23d3182054f0210ef44395a134c8ee61a2d534d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
2a08fd08fc544f831c8e03273aa73f27

SHA1
a84159647054cda623bd561a4803ec365eb52414

SHA256
d02ba5d000989d07567bac07497f218f9b97f39803d5f1d9c4c20ece6795bb27

SHA512
4da44f5ee25c4528d9502914a8f4860af20a1776571a2c1a032d2a945814f460f13cc999598c79e7cb5e1d2dcab5a8c2384cd8ea5add575d92c0b72fefcceabb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
1e67bafb6c47fa6345d35dbee791c506

SHA1
ecbf25e5507d249cadf1946e294cc8c25e3b69de

SHA256
f99af958d85e60270d04ff0bb01dc44bfc783a051dea169cb229304f6b015601

SHA512
971849f9ac08aef70931931ce84677033005d46c3330a5c61d9ae7a77b0ae136341699cb67550e29b5fca2adfda4a48942fc3d292c4afc67b07438234ac3fb91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
3814939bbcf7d972d832a3ca10bcca02

SHA1
7c47e7963f14e6a48a78a8b2e3aeb2933ba01ea9

SHA256
6f8cf80c737d0c5dcdd0c5d6b41c4c166a761ae07842b9dc8903101de3af60a3

SHA512
2d8235205383baa35e03375b621cc9c90224d4beda2944ee04ce4d87d8c51818b16d0758ae2e1a8a680a9ea85dc39839ae11547dba37e8bac5984cbd70323d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
e9af51e0181ac081d8990fef0f59046f

SHA1
129bbd94c2778e2b6d5666693b6a01a91258b1b9

SHA256
9fcfd6a6891c73d77c9612c14978e65ab2a4731a186cd888058ce51828176f64

SHA512
9fcd4efb9670fdca850882eede2d959de975140fe286823942e497498ed0c75a4fb5f3fb5646d8d8b3bcd68367ac0609a8f52032eb092384c3ddb472c02cf84c

Download Submit