hxxps://roblox[.]com

Analysis

max time kernel
1800s
max time network
1768s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
01-11-2024 12:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://roblox.com

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.

Query Registry
T1012

System Information Discovery
T1082

Processes:

cmd.exe

description ioc process

Key value queried \REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation cmd.exe
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

201 raw.githubusercontent.com
202 raw.githubusercontent.com

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000\Control Panel\International\Geo\Nation	cmd.exe

flow	ioc
201	raw.githubusercontent.com
202	raw.githubusercontent.com

Drops file in Program Files directory 2 IoCs

Processes:

setup.exe

description	ioc	process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\27cc71b0-b40e-401c-aa06-33fc3099dc48.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241101124033.pma	setup.exe

Drops file in Windows directory 4 IoCs

Processes:

chrome.exesetup.exesetup.exe

description	ioc	process
File opened for modification	C:\Windows\SystemTemp	chrome.exe
File opened for modification	C:\Windows\SystemTemp	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\metadata	setup.exe
File opened for modification	C:\Windows\SystemTemp\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
discovery

System Language Discovery
T1614.001

Processes:

mshta.exe

description ioc process

Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language mshta.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	mshta.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exechrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133749393516398168"	chrome.exe

Modifies registry class 2 IoCs

Processes:

chrome.execmd.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1361837696-2276465416-1936241636-1000_Classes\Local Settings	cmd.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exechrome.exechrome.exe

pid	process
4472	msedge.exe
4472	msedge.exe
2640	msedge.exe
2640	msedge.exe
2016	identity_helper.exe
2016	identity_helper.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3024	msedge.exe
3760	chrome.exe
3760	chrome.exe
4660	chrome.exe
4660	chrome.exe
4660	chrome.exe
4660	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

Processes:

msedge.exechrome.exe

pid	process
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe
Token: SeShutdownPrivilege	3760	chrome.exe
Token: SeCreatePagefilePrivilege	3760	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

msedge.exechrome.exe

pid	process
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

msedge.exechrome.exe

pid	process
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
2640	msedge.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe
3760	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 2640 wrote to memory of 1956	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1956	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 1376	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 4472	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 4472	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe
PID 2640 wrote to memory of 192	2640	msedge.exe	msedge.exe

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://roblox.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2640

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffbff4246f8,0x7ffbff424708,0x7ffbff424718
2⤵
PID:1956

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2076 /prefetch:2
2⤵
PID:1376

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4472

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
2⤵
PID:192

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
2⤵
PID:5020

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
2⤵
PID:848

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3952 /prefetch:1
2⤵
PID:4596

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
2⤵
PID:3724

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
2⤵
- Drops file in Program Files directory
PID:1312

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x158,0x254,0x7ff616b65460,0x7ff616b65470,0x7ff616b65480
3⤵
PID:3824

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5812 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2016

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3684 /prefetch:1
2⤵
PID:2724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
2⤵
PID:3208

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
2⤵
PID:968

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
2⤵
PID:400

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4984 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3024

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
2⤵
PID:3048

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=928 /prefetch:1
2⤵
PID:4020

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2064,6208392604101796708,7770463082085977941,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3084 /prefetch:1
2⤵
PID:2688

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3792

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ffbee23cc40,0x7ffbee23cc4c,0x7ffbee23cc58
2⤵
PID:3556

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1960 /prefetch:2
2⤵
PID:928

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1996,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2108 /prefetch:3
2⤵
PID:4716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2348 /prefetch:8
2⤵
PID:332

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3192 /prefetch:1
2⤵
PID:3936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3224 /prefetch:1
2⤵
PID:984

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3728,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4452 /prefetch:1
2⤵
PID:2720

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4728,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4772 /prefetch:8
2⤵
PID:4580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4740,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4736 /prefetch:8
2⤵
PID:4768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4956,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4932 /prefetch:8
2⤵
PID:3324

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4996 /prefetch:8
2⤵
PID:608

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
2⤵
- Drops file in Windows directory
PID:5108

C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x298,0x29c,0x2a0,0x274,0x2a4,0x7ff64ea64698,0x7ff64ea646a4,0x7ff64ea646b0
3⤵
- Drops file in Windows directory
PID:4672

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5000,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4700 /prefetch:1
2⤵
PID:5096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5360,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5272 /prefetch:1
2⤵
PID:3632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5424,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5456 /prefetch:1
2⤵
PID:4540

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5596,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5708 /prefetch:8
2⤵
PID:2104

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5116,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5708 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4660

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5852,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5152 /prefetch:1
2⤵
PID:2776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=1544,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4036 /prefetch:1
2⤵
PID:1200

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6016,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5156 /prefetch:8
2⤵
PID:3408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=3312,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3444 /prefetch:8
2⤵
PID:2724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3300,i,12763383692471432170,4938163980695992938,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3500 /prefetch:8
2⤵
PID:4516

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\BSOD Virus.bat" "
2⤵
- Checks computer location settings
- Modifies registry class
PID:2876

C:\Windows\SysWOW64\mshta.exe
"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\bsod.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
3⤵
- System Location Discovery: System Language Discovery
PID:2084

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2296

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4944

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:1140

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1708

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
301692189d2731607fadcc9dbff9baf1

SHA1
36528022ff5e4a96a61df6d217fb37be342744ed

SHA256
76665d55a62e0f61a8d2ddd006e04b91dfc6d8e2db217fadc3a436bc601d2d57

SHA512
9d28f872867214d7fc9dfb8749ad3909c3f8d5bdf4d7ef2885427c96456e514dd75dbb20e06e6ca51cf03cc82d1bc9d78a770fc5be9b6d4338ce2f636393ab85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
72KB

MD5
7c244372e149948244157e6586cc7f95

SHA1
a1b4448883c7242a9775cdf831f87343ec739be6

SHA256
06e6095a73968f93926a0a5f1e7af9d30ecca09c94c8933821ca0e45732161ed

SHA512
4ce4d73b785acde55a99f69ea808a56dec69df3bb44ac0d049c243fc85544db4c020412634da52a069b172e2484a6f2c36799e38adbfb988bcb5703fd45b3601

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
409KB

MD5
18bd609e9e25b441284a38abe13dcb14

SHA1
c137f50ce3a1f5ca15db6f8521ac60714c382680

SHA256
f7bd781f0cb1586fc29f419873802ad2249d63f760d1d6653618fccb24c8416b

SHA512
fd48d67d84ca502bfab1d3e86db39c2448122e62113593a31191e800fd5dc6b20acf63015f0da5bb72f3caae59dc1ef18889c6eed371609908ae389a6a7f150b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
37KB

MD5
c130e937317e64edd4335e53b17d55a2

SHA1
51bfff9dee11ab5a8c43198c0d6178799ed9433b

SHA256
46025a134ebdd6c6464ff422818e60938fc41af735f7951f4febe29f57612a49

SHA512
68e5fa69101a7347028ad30d7c004dafabcbd8f8009df90d0471b19a36741075d72da56a2b1693c2067902630584bda5536f0702302db5d69f407424d4a964de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
37KB

MD5
c67ee59476ed03e32d0aeb3abd3b1d95

SHA1
8b66a81cd4c7100c925e2b70d29b3fdbd50f8d9b

SHA256
2d35ec95c10e30f0bddbfb37173697d6f23cd343398c85a9442c8d946d0660e3

SHA512
421d50524bd743d746071aaad698616e727271fdf21ee28517763a429dcb6839a7ad77f7575b13c6294dc64d255df9b0a64eb09c9d3b2349fef49b883899d931

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
20KB

MD5
2766b860b167839e5722e40659620a47

SHA1
47766dc72bcace431ee8debed7efcf066dcd2b59

SHA256
725a5e52a501bcd107624aafa44a857c00d02286fde07be774afeac2efed68c3

SHA512
a97f77977518ca755e9460cac34e0b5358ba98b3624c53f0e1ef7b947e62a6f3f99caf2852fb3132c822525d88b67b9c1ed778b3e40083d9df36028c85f73ae8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
19KB

MD5
a65f7f00889531aa44dda3b0bd4f4da2

SHA1
c8be192464c7e60d4d5699f6b3dabf01b3a9d1d3

SHA256
0dcf11ca854f5c350637f7f53cccdaf95492dbbf779b905138e26b1ec1dc91e3

SHA512
6f48f0f7cc1a35a9068c1284579db065e0fd4b2651355d68a8ff5ae9df86090be3f6e5ac4589585166829087c8bd3c37431a7066358eaced0cdb6c5a0d544fae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
18KB

MD5
2e23d6e099f830cf0b14356b3c3443ce

SHA1
027db4ff48118566db039d6b5f574a8ac73002bc

SHA256
7238196a5bf79e1b83cacb9ed4a82bf40b32cd789c30ef790e4eac0bbf438885

SHA512
165b1de091bfe0dd9deff0f8a3968268113d95edc9fd7a8081b525e0910f4442cfb3b4f5ac58ecfa41991d9dcabe5aa8b69f7f1c77e202cd17dd774931662717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
58KB

MD5
2389054bc92fc6a9b9d21997feabb1cd

SHA1
d46b4bece5021bbb060dceef4273475b879c75de

SHA256
5c38b4d4f6b902a99e4eb9cd922a2a2a37b549388bb4dda0b756bf6d5887d6da

SHA512
5525a4228fe65d25f0084fcde29dce0b97b80126e36875d226549f379e56ae52c0b2ae12752b188fb9715812d14d740f1ebf35f3ebb5c1b4e3b564836ed30b0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
99KB

MD5
573171f37ef3b1e2e9f027a0efeec296

SHA1
10afc06abac9c1a5ae3dd14b8f6f71c701e72005

SHA256
0a3f3852831f4c54210ef4fa161472e962595208c4394a54c26f704a29feafc5

SHA512
93ffd9f39f42d6f743527d1dcbaa6936704a5273d73755498a7a9363042a05e19da7b14ceb8442fd2353c786aaa9dca3bce44a3eaae7aa0716f382dff20915ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
38KB

MD5
37aec4358e8a1daf2b03373f1393c424

SHA1
9fcff81f2b66b35e99747febb38257990dc7b1c0

SHA256
37725439f55b6b3968d3077ad38940c42e2534f849f07d35d9944c65702d7480

SHA512
ebc8f9e7f9bd59a57ecb2360e0b9a98b05ff8355d37f1175b61f1320f72f744a9636cdfddd91fb97888ad8a63eb65e0d81ea5d6615151244af2d6c39201a48cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
53KB

MD5
cfff8fc00d16fc868cf319409948c243

SHA1
b7e2e2a6656c77a19d9819a7d782a981d9e16d44

SHA256
51266cbe2741a46507d1bb758669d6de3c2246f650829774f7433bc734688a5a

SHA512
9d127abfdf3850998fd0d2fb6bd106b5a40506398eb9c5474933ff5309cdc18c07052592281dbe1f15ea9d6cb245d08ff09873b374777d71bbbc6e0594bde39b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
88KB

MD5
76d82c7d8c864c474936304e74ce3f4c

SHA1
8447bf273d15b973b48937326a90c60baa2903bf

SHA256
3329378951655530764aaa1f820b0db86aa0f00834fd7f51a48ad752610d60c8

SHA512
a0fc55af7f35ad5f8ac24cea6b9688698909a2e1345460d35e7133142a918d9925fc260e08d0015ec6fa7721fbeae90a4457caa97d6ce01b4ff46109f4cd5a46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
169KB

MD5
06ee22c1130c16f74e40f8bc80f7af87

SHA1
063700ffcea738657f0f91c0a8d60c432619d7ef

SHA256
685b9649a59863fd0e9f73e6c57853b431d3cafee09a916c198e51262b4dcddb

SHA512
1b993267fd6f4e4565bae8039e147dfd9bdc7cd046c753ae287fdd712da96753e5b2af5caee72873a409db7022a2ae2fa9644f343df973aa7bd4b8bbaafaace8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
19KB

MD5
9dd51381eaadf36afdba7b1f41d90ef6

SHA1
ea9230192be07b2ad8e461dc80c40825bdc15f86

SHA256
bff9573716707c999e035eb65bbdb29a40d3a09b9d891527ddaf7bba7878cb7c

SHA512
a25f7ae307b378411b218d62095c0cea856e8dad984fb552286f0c113bf44639e4ff7d4ace52c79e3ecae5b053394a85d4677b12038dc7d22ae83aade9e9f990

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
17KB

MD5
aea6acce595d362de59401b8293c8056

SHA1
47604f2421733bea3ab40339d2cc106d498b8c18

SHA256
a8575c95e5cb1fcd5e761f1fe980ea89e572adabea6d5b52d16d179fdee98da1

SHA512
e5501c57c0c5e3abeddfcb67c11822bcc1f69c6332b6a5eb188214e837019096b193317b164df2bdb046765e64c24d8c4ef48fb837f4bb69151069c17b06247a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
19KB

MD5
0ba03eda1eba244b9bc5c9ebc501f763

SHA1
3e5258da2d5e72ccf663ee95d8889872c6093d68

SHA256
b912848f529cad89fe2d7a7f476d22b778bbbe27f4b67b1b024ac92825e006b3

SHA512
1941bbcbbc5dff11c475005f1c0f156f1575948cc89e10f16e1d64bb94c918b5b738f2f890e13e17aaa27ac3df26e4c8b1d4a62248b72379cb89ca992f8d0699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
18KB

MD5
7d5eab356faec5b5f4d54a6aaa773bed

SHA1
25b586f3c878feecf21a0e7456990d9882e818cb

SHA256
0d2392b48ec59632d23269b239b2153ed66943717a0d3711628fc2dd52a2119e

SHA512
7c7649ecbfa3deb35a6f08134ea3703a639f957a254454f228f4ded47b6c5a73f03a34b8368d789a2b92aa7a9a979c9aa1fda64fd5531a404d3b2f8997dc54ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
63KB

MD5
284314c29611f2a83224dc0d89b34839

SHA1
9782e6b7ab14b6881615e023b9305496d4f0dd6f

SHA256
aa4c6449f38ce57a008cccb28af6039df2c7ffa8f25e2a50b92c0a7ba13cccd1

SHA512
b0e79541eae9bb8cae260c051c0164fae0d0457c006bf15b883aa2539c47de770d02bacf55af6c240de3a6ece631a6809269196ed2db7ac226b4fc5232fa435a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a2b3222d6b25cdc_0

Filesize
352B

MD5
fdccdd31327b3db5c846e3eda29863e2

SHA1
b78e2ea7c603feee05f0543ddf42ab619664418e

SHA256
d0211e2cbf58ebbed1433a98ee564bbaf64ec84bb4297814d41b4afdd28b69f3

SHA512
60a6e33c099818a6eb88c2f21fafb5909c150dcc97b71e446c9af3ba05c9ca33d5e0939d5b52406d62cf66665918f9eb9875f569f3bb9b20445998f26a8df019

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9256f069b7362f09_0

Filesize
282KB

MD5
5a88f1f6048c04e01534150d77323d97

SHA1
3eaeddcf5b58179a475c0f38c03a844fe346b4f2

SHA256
7e9875bb9b342b675cc22ec72e11163c3834ac147ac8a548a4554b9a9a57b29e

SHA512
a1134098123cf2f2d8660f11e8a591ee877d6aec15d400276adde307d7a5233abc7e3c895f03d77455d00e27a200bd619c4bbe1be798d2166f93bd32560db942

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ad3da63b93fca116_0

Filesize
8KB

MD5
06d43a821fa8779715593e91eb260e07

SHA1
8a78ab61a6a9e0d5ed6933bb587b1d2ad4f29771

SHA256
5b072c60bc20f748afbc105daacc02dba9b5eb6fa885a8c1e5f825c3317c597d

SHA512
12afc88359799f6146cd4b6fa302bd4edef3d30aaf172ec595cbd3684ae5d8a454cb73f267f47d76ee0d22f970c08826cbb22d4c16f4dd3676e835a4bdc479ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
3f5545fa31725c9f30f4762dce2a2c48

SHA1
2e7218ed4e65f7d09e459b7e4a3ea652b9532250

SHA256
c3075d0c2a617c74b7e6e00cc0e42c9f717a8c870cda22410eaf13b2d9e2b1c7

SHA512
9c3971c62a6a88e8dd705022b3944fe648ecb86638a2bad7973d2d0225c7f9e152b3c23283ca0642f55e13b0b8ea5c8adfe13467f9605e64ead3004a7ec0a545

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
f0c4caf5eea384cbf70d9e1665181595

SHA1
9e3370fe3d5368ab866bb27928163e238abceb73

SHA256
955d5d428e4f933f1a99aa1bae8c7e8cd8233800151bed5f353c40d8b7a6e359

SHA512
d99770ae87d538e0ccb07296d23fbbd37963b484d5899de3b291d8ec4820692bcbbdbc5c37a6a2e09a04721d2233631316cee7c1b00161bdf0300a285b2ec50e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
9387c29b4140a56a841fb379ab32ace0

SHA1
d6e23fec337250d39683c79927baf1e0e4d85a72

SHA256
9c311fdb08eb680059cebc008ad7aa62bca167dc376eb353ad99bba4fdc3fa7e

SHA512
5027ab281dd75d3ee49e3b45e1c061ade635734ad2c38d61409e5b480ff48478d201de0e5ff21117d67d83eb72187065b8898762bef2973ffe4c791a57ae6d2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
e736605c4c8f8e62cba2eb9d4744cb80

SHA1
8b83e45f877d6b593d86719c96825f69568003ab

SHA256
d40727ca4ef82aa237adeccbdc87fad89f116767ea3e914a1a581da75c55ddf2

SHA512
e33a832927782db6083800e8e115249571e374e75ff42c575431cb7c33324a2d3df2966696ee116c084220c60e85e990249d4bfad78c8c18c3cc1304a68a9ea0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
14887748e037594108d68626eeeac814

SHA1
e2885655411a5e6e2517e4dab9ef277478e01b7c

SHA256
ffab258a569004f6047e357539e1aa947d6ae29546e1a3c1ee5fa76388186ef2

SHA512
fad857adfffbb108a927a39022f7df454bbd23f999a9ba6de0b4275553925fead055329eb52ff5657efd8aeb5d62739c519df013e7a0bea3164749711d594400

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
95d373339be07e407bb01960dc16e569

SHA1
39e3c905dcd7da2236b70247dd578165bce2dc01

SHA256
4c2f8be22c8fccce57dcd11e20e7c5aa2823699a56fe7695684a3d10269a0322

SHA512
17dd5b3a923e657ba886943f02fa0350fcc9a0d08b3b2c1db6fc2d7e8f62e0792db6da51924bde3d1be999dd40cff29a96e86036cb25191358bddacebc5f8764

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
352B

MD5
5bf44c2cfcafb351ba2122172a3fb731

SHA1
1879e3811a22ee5df7d20c3a0d246224707274e2

SHA256
39b3c12783ce4807e15912b01f84ab08339d0cfbb858490db365391b2ca65b03

SHA512
fbcd3806faa1e6f79283f02eed96ef9206b12404e68820285d363e63b9a0d2826117401df56b05318757d21f626261a6b621284e72f1900d513cbab2c9ab2fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
505bc5e7852f25630b6afb769e379ae6

SHA1
791cc6506e3b100a6a29b35a164e07d177eae11f

SHA256
f48f8dc4a325a5a6dbf9088b914c366a34ce6d4481816ae7f720c2e6e65f7965

SHA512
f2d39f2ce8fc97b4458c886762d5168719526da997b1009de930f10ec31ee5fda9e9a621f11f4c5abf6293b423c661ee6a4288eaa2759f4c2e4ee7ab5e658940

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ea2d7ee1605c4750598e5f9117597c43

SHA1
c253f6a4f9adcb17791ec0340f9b96e899ee12df

SHA256
349fe5e28686372395e919cb68e565b2c0984190f76797549ee3bfafefecde18

SHA512
7c6405e153aa8d130b484657d8e0464ca5730e42f2cea7f95e5979aed5bc0efbe111beb038cd393d4f0ebf9ef5cc3e6ca3d0982c979670e084a90e824c81695f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
79cb4273638fdc7abc4f7985f66458e3

SHA1
5bc4de52aca8bf988fdc31149947ad4fee42659b

SHA256
ed06a4623587ad9aaaa908d1a63ca1f72cda34f8573b964441eb80a22fbed5a7

SHA512
d04cef09c8048a94815dadf9c468e5d40a8e3ca332fe583eead697a3ad8bc6563da27bd54c343d2e002a8c6ad9c55e48818908aa485881f7b2b9e76d6ec1d4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
7b7c4b5f322a3f652d7e8319952e54a8

SHA1
895e0044f4ebb5a5e3d9127858d3e141730123ff

SHA256
7fe3ac8a3fd517371d60226c4b8db9e375153fc7185a2f001bb69eeb3fdb6237

SHA512
2936a8207812f2cbda3a2b529d60d0ba48ab53513b76980147d84a3b1de593cb7e266859ac56521962e7eaef50721048bf72ee4e7994e17be6915f914a797c57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a64d64426224bf2b54fff79e451a117f

SHA1
45cd7d3bb2bfc35441df53bdb8c414da0e6fd779

SHA256
264cbe13c9c707708d8a79931dc392f787371308e4422dd6e91bc6b7e2413ad5

SHA512
d9a6a21b2971be4880a09dc6f4e3681c069677f0bcc59b2bc47311ec31a9b2689f9212ece28a50d25077e2439fb52ef6a0abf24d68b3e0da43c0129f8e7508a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
f50e383d6f3ea87c97f002bd6f98c368

SHA1
f856e131ac80e7636e0bbd12d8ab12780b03ce35

SHA256
b2d2549d14f22ce7cbdbacf4e87b671bc22015311bea53b1eac33eed6d6cc0cb

SHA512
6243875fedd4a4f1a2994dcf0f6c863087ed1053582567a3bfe1db8fff29d4418ea5575329dd50ab3b4e582d34cf3a207b9259db80c94f6c0d9d7c1fb2906944

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
391fe7a6ae29c920c13ccdff47455fb3

SHA1
e8053e977ffa104045acc21c44df8c0128d70e7b

SHA256
b77d050e58c6091e7bd3e85cdc2d8a5ec2d7f18225c2494762fbf6cb48729fc7

SHA512
f977b0e934990ffb290c1d2d336bfdf8175277d57877281f031658755506ad1ce5fc496c5b3e4807a6c003aa8e8a497499db1130745c1ff33b43fb619f5a6cfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1022B

MD5
a47b4160ffe92a8028f7d7097f9d15c2

SHA1
3f2a9f650589c9bee7f1d65222523fdfea5cfe0a

SHA256
525de38ec5ed5376929542f0c04c1678fff94add60864225e7b41de94d203cdd

SHA512
b79bd752a20203f314898c81db81b0eff110c4343cf0d17585967ab0c03fe08e83d9610d47e1812b025f0bf2076be80d6d9294211f314ec0c01a370d6989e62f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
65fd566f9616a3580e57339bdf0eee3b

SHA1
1b2956d69759e1f28ce715da1caff5a9329f079c

SHA256
d06b9bebc2b9b95bc268b78ad7d6cc956ab41b322fcf8ea724fac810a092f985

SHA512
b6e39ad9292b0e0ff6fb9031450feb995383bc81c6a397751810aa444ce90ac14ead80148f0a4a44f1467cbc04f382398012bc07f1e542f13602b7d3b7b561bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c8bd7d3f75cd1172b156d7f5dc6e6e94

SHA1
ed089c45b8dd0c82ef63ba3cb7e6813a19e8e910

SHA256
493cda8034082504694c4dec4204f070b549c73b9524008e56c95f1aa59a984a

SHA512
b756ad6bb368d666a76dc55fb246374f795c31fb44c394847410d28d213ff0199aa5d12a7785abaa47e77e4f0425ec76aa818e7cfaa50b3572a815bc811b1c01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
30abd4d440e0ff6c8aadedfc12545080

SHA1
d3a0e0d108bc03b710f2c3855863689b8f3e49d5

SHA256
69eed855e98ef3c8b7da293d87974fd624b9a8dcbc3868a127f7fdb57e10edd7

SHA512
630a151121c12f7d9e2eaca0e59397e5ad1b75d3ad8a0e3d5b079d4188bba991c8e6d1514c1fe991e0b37388089c2843c3b95fcb75fdcf2a1c23bde462e5e235

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
631aeed5d468d83229d766158e650111

SHA1
04edfe98714fb0ef65d80de0f5ecec9ca0cd0dfb

SHA256
527b78d786691137e0a899ace73389bf1e5710831ac76a00f663b6f5e86ba7a0

SHA512
bb68ff68a4cc42b64da3ab5d6d65fcb5902d2c9a79c8c0a1b4e3c6b14cd0a5364bd52449049d153bf494d72e3b0dfb0e9ee822f58ecf4859e2577014d42bc4f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bd9089269b03aae5cbf9119fb8145a0a

SHA1
e6c84bde3bd57326762f44f5b23cea7c469a3c9a

SHA256
fc1053994e63859089cef1067e0fb9f982a5e33d5bd8898d95416a89eec901d2

SHA512
c71e501199769b636f9a7f47671b481c66d6ad1422cc09e2094a134997fa4f2143d50a8f190d99629a8f95bd791117a150c7520b0ab945a39577a6b9907f2d51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bc09a349bec8cc7413f73a3e6ab8da19

SHA1
f4ac7032f1a3643eeee3d0ddceda44a1d8d3f11f

SHA256
45ae4c061b98a9ad336c1986a1033ceeca7dbd4c226b6f9e1410086997938303

SHA512
0f0c0bcc62239c32a7c96ceb5f0628a944e24e905243ede2c4bff34655e71b3becfb81f1135b72ff987d95a32bc28cb43032ce41c1dd0c7cc450df283bc6410d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4782e19867a21874ea5e53c34502ce1e

SHA1
bfd48e356c86ff0f84e91290663d389e055e3be2

SHA256
8fc1361e94f634eabb14adef6add5688a14fb1b8750c7b294c2a6ccc9e39c317

SHA512
6cebd170d64133105348ccb69b36664eb1622e37c09129b9e5fb1e14d608747f336aecda3c96612eb14932e8a38f3e6d22d1b05bf6fad7534fcfd68d8deb201f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c87ac26bb30a443e881958a1ecd99d2a

SHA1
574ff3a5331224ca410360385451425ba306f9a3

SHA256
e976bd3f16f42f966328b3fe585252a9a12db1a76a14478ea07b8b24aaa1ee05

SHA512
f66227dcf12c3842ca3142aa2dd20cd080baacb35fc81e36376eec555b7dc4d300d11b3c8da49583d344d51eac03328e4fbd0f3844d834cd36343941972a51e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e9026860e6f3e34669d67628b1e66eec

SHA1
aae99ab376ff18136e31a40f79a4f226e2ddb9e1

SHA256
e014a7f43627c892ad18f07e74d7e639e485bd8c9cc9fea75585e3b5350d5ea0

SHA512
e763c5a638dfcb6d17a808020673a9313280b84cb859dda7d6d1f5693bc21f7c620e54bd009e814d1141d6f8cb50eed7aac3dd20d74753a7ad46b3e1c203fc24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e124e7c8fe7386779aba5d3f28487ae0

SHA1
0fb66ca93aac1c7285cb47514539fdda153c48f7

SHA256
01dec69068d20031222fb07c0b6d35307abcfb21ad9e03d5da062f55806a76f1

SHA512
6a0065898e003fad80f85bfb0919c7c04f5908f4caf5c98a7dbf32744b428d0c5326556a4335f825d0c998f2d7870396e5bef7452c17aa58365f682ba3ec4904

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d3b14ac20ccca23eade285b4718c581f

SHA1
f327c28d23c30597b67beeac840ecbeb0bf242df

SHA256
241055549f409437542cc07226354384618f8757b4dd4b98f2265df517ac20ce

SHA512
a4f0c126b4daa4ed9eebd44195628771196a1691b5f160d0543e3a6bb3fcfe4414ba8227c9f6c3ea214ec09f082f202cbd729ad22ee5a8a27be6fa6e4ba33784

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
24b44191463758b7c5fce4388a685701

SHA1
dee8a19dca23e2f7446eb9f54bd0a9c7f43341ba

SHA256
c8285c5bcbcd9158a6a33c0491ff6b0a409ef3e1ff7141da506a8d890c11c4f7

SHA512
59ac24e6917cd26b2d3fbc9163b13186ca6c14b7c91e55e3a88c2797c83b90d803268782f04864fa0ed791530ca7de8870cffcc1042d666e25bbe4d36b0a1ca8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
58b60bdaec33c067a59d6a984bca7dcf

SHA1
a7f4170fa9c14ce4d8c545a78936d4f6314165a7

SHA256
7f49cd7bf712a3a868cffd7e7f48796905897b44c0cb62642323384986dfc074

SHA512
98247f32f2905c40a4addedee07b2885d41b2db99c122c431374b4dc74a32621a02be2bda5a1a75e678b521ea082f3cb8f70802f1a379371554878368a5a8fa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7f09041c81b68a6989a9e696c54f25e4

SHA1
575be88b82613f7c3ca5bcabb707d937a6641a43

SHA256
40a1c40e1ebad310df6ab0bce11e3c7c160d24b67e90b5d6620372493d29f889

SHA512
f29f3f861fd9bf920c3937a210111b190a32ea01ebc60021dfdd5c221ecfbf993596309f095977a54014d9f5d18896a8f160d4082a24f14fac8bc743269e43f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9094c0702306620db9d58f53977592c2

SHA1
f8cddcbd3fc5c7d9359363b9bf8759ea386455bf

SHA256
d0f9ec5841701b54a22f283963fecd34920201ebbc138e5b09e6ed39a195b8d0

SHA512
bbb4770d5308e01a05947d5d7633f017ec4c4169ff635e207ff844c25b58473319fbd08838d3a3640c386d8c6b64a0b93de44a2b473cb763b950aa5c73f7f917

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
98fb3cbc317b3e0f8a68730f296bd829

SHA1
b3f3dc4efde3f557057a6bc1ad548dd1386f68b3

SHA256
d175d13372b0021bb3802ff16c7cd9bb9fa9937dd862c1ae75a3fcb3f5222a2d

SHA512
62d2e23c505a0baddb15040db652595a227e76e415182411bb42137995af4315b3afe0b2e44d06c9df13536653df79c251af1d1a729dc33073dc652543c2c0ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ae4ed64b4b89f3d3fbbc757af3f46b51

SHA1
15ca05da815fed19029f282f02bb74d5512e01df

SHA256
0653861e0a795b961b806e83f27e4623a46c8fad749a9b1cb730606d54cbfc3c

SHA512
671038c7005087f35a378e697c9a1c98763e9bf7b07ab0a44ac302ce2b9b99977910e65970495f952e44c7a010a47784d98bf85df76ff53e3a38bb270dccba3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d16d9cd716b3ab817481aa3194031b28

SHA1
6453626c8ba97b909ae548a66088af3510f3be89

SHA256
825c5f1fcdcf4b2773ed51b6b40f36d984d10784059cfae357a5ba28880a720d

SHA512
94cf73dee397ab151075656852bdcceb7a9a4c269f8fe78e7ccb865568a0351632380b9332a9c839376f5f39e668a9e9bcb7c19f9a8d2a4515d51a22931b1b13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d852d0895f670d057ca3e6376760cc95

SHA1
c8b855e22c9494dda66d8ee91d118d1f4a96a938

SHA256
ba172cc2d27ff5ad6d36729283a0e38a13b46e5ecb7be7aae5c40a451fe19906

SHA512
6dce12105debce9b5689f90c9dd91f6565a4540b7b8d1106689ac8b7c52473d3b0734b14eec3dd1d8654ffc544428b984973395881679a56e44e541707a97a59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f847508785f9ff2d0473ef5d5df093f4

SHA1
fab64daf187a65a83cc9ccf4f578258539841b02

SHA256
765c9d063703a98459a9e2cdfa4356bc9b4e2a7dc65a1950ea5f7cde3e019a05

SHA512
63a91677c2c46a85b985c3c882e83900f619b02cb378a4db2de0dba720b990bb8dc8d07532c40557a71310230ae8dbd8fa5477687210cd042c574c0114b7b7f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
e45c324d25507b506e1a3341e461fff4

SHA1
76873ca4fa72c34373e90896b83ed77d1dbd0f21

SHA256
93c94ac0905490736f086eeff2daaec5cc0f3de4bf0c69bcb349be5c13f90a69

SHA512
60ab7ece24588e97ada3d41519a315205f7529a3cb5587762e1ee0fde5f3cbb1bcbe5494210c70431a26509784daeeaf9bbc4f78fb0b876c6da9879a090133ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4e7da7cbb501bafdcbab5bb2ede5205b

SHA1
b86f5b77b938cec4ac7794f9ada8a84dc2f237d0

SHA256
7728b309f1d7da7553cb90dd82d51831d6f773f73e22273f0cd5290c35bfaa8e

SHA512
3a9519b43facc868af98f3dfeb319df258e257efc22cc45b50f7b08ac02c81dad30d03370375c2438dd94e5325084f6944507d287e786d6284de2924bcf2e673

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a7155c7db5e546e7d7fb551eb23621f5

SHA1
2ee43b3e879d16073a89b4a4fffe4fe564a74189

SHA256
d753add34bf5c9bb4beda148dc9281e9accf139ec6430930ca05eb7b99cf4cdc

SHA512
b1d70e1d262c6d7140e5743d0810f126f0e7d89425fc709a5ad3a32f69a7e7630f05487b5ba465da1a2370dade5346416a5a5501675c89d814c6fa46c5c5e96a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c58cdf3b2a9677ecfba85585ec3cc68e

SHA1
509c69d1e2629f422bdc31299f9d375e2bc10811

SHA256
eeff96993ea508c4ddc2147359a5b695ae90f41c11b4e245c2f7ec4b6f929c6e

SHA512
29cee6ef8fd6f27b0a14f2a68d74393051cbdb4b7501adeebfe94a23a744f495478cab3c78f7516f13bda0d54a599063e78624ffe8475d2787e97cd0ade22297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
92cca2bd05686a8ed141530113e05143

SHA1
0224b2484c72cfb599756a42cc3b395bdeff8f1b

SHA256
09c2037fc8788bf633c12afb081368dbb2686ee9519ea055bc1e0f49371cab44

SHA512
c1d73cd2ae6c1f15040650ab668b2e713607db1c71c515fd206f3d0969ecf5af658015551db33b7c408aea1f146dc5f9533635a5e92c955a6b4c75c6f9e0ad30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
eeebad4268374ccadff4a18ab1576d6f

SHA1
b17a9c6348376351afe1a5263d895ef8cfcf6bb2

SHA256
701ecbef1a3a56b957bf349d8db15c1efb6c57b896c7155c23b6b08da7685b4d

SHA512
0f7586d6df04042e71d0a595525b02aa75ec43bb6dd3f8a26b1ffbb403a68704d3924bef90634b64e0edc66d95cf8aad6e5825db4605eeffb112093ea6145d39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
46984e83f421d60846589b73fbd60552

SHA1
09ef1ca4742b30b973d8f851b35ff2cf3d8fb5b9

SHA256
426e1aa1f7f28a94d12130bc95ce8ede333e4134e77ac5c68e781ef5a7b0b0e0

SHA512
e63348819bcf320baae6a21a85dccfb651ed30f5e2c540bffb781f776ab8fd8ac62c62f8a03e8bd68a5eac07576f8af1134ab85633dbcc593453941ef60241d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8a9997855bd6cdb21f9966002b2afe97

SHA1
a9aa459bf8a0894f50bd1f67aea2fd0848c75ba8

SHA256
51b7b956f9e01900b7e9a56099ecb56e587d9954e97d5c57a2fdd213fe2e04e7

SHA512
b68860f3662262e7f8be80e425b3c59ede91b98635c03f7458610376a73e530982274dd80cf39e3feb5563b5ec94b2d0111908fcfa526c843232790eaccf2352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ac22f514028c8c7f5f1360b94d408326

SHA1
0f3369d3375db79d2ebb7df013cd2af97dddb960

SHA256
0b3fe3c6a29c82281b89ff01e2ce4a71cd0372622e10a729c65d11031789d520

SHA512
694333a3a25bc161e49f46125a28e5cbd2a2acd50eb3d157a0d8773cb3074bfc27f7f9b957e94cb3388c9b8f215c111106ecec78cda7243953097edc076bda18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
14289377ec3d6c4d2d3b712aa499a685

SHA1
792543359d3a114ec6c15861945caed07fe3badd

SHA256
7c7e4c84d9258407272f28fd38ef301bf3c1dd366c828213ec1b3892d17adbad

SHA512
38ad1f8442981b9bfd7f857132db262df4e23520536e3e064c7b1c9452fbc361e1cddd15502cac0db86a59b7b16d6690544eb724c4d5dfb479ef4948a15f28b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a7bdce8fd30ee38db3ee66191bbe26dd

SHA1
2ee994fb8a00daa5e214a5105aaa75c5b17ce8fa

SHA256
9ed7cf99d6f20f92dfe07a2062c909b81c1a5e04999c55a77f2ef29325abda84

SHA512
8f12f06bc82ed4eaa54fccdfa5baf98a66677e4a8e6d4e5ce5cad7f0709d85b7a23fdfa0b4f40f862b0481016264ed82f57fb402831bb40009c85e873b5c6e53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
bbe1a3d2a68cd6357451f75041a79fff

SHA1
8df5ede1f3d3e4c815ad601607cde0c2ce85711d

SHA256
b1a2b94056a1250806ad6960103c59a7a6e9094cd6c5164affcdd7f945818c48

SHA512
e0f6b7e227fe2d34412ebf132f902d330170942f92ecd31431572147af697a1a69ab3123b08fc932f60f47e89d4e47e93aefd62c9426b50fa4b60efa16be26ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8b24beed5b122c7e61de7aaf045f7529

SHA1
71eb5802c0b232ab86d6be668a69edd1f6155a0d

SHA256
ae704975b83f64cff693babf55e64f83369bd27e34e18bf4fcdb99052e36a918

SHA512
c6b699cc57e59aef6b0219977055e043520137049b5f17bcd629961033b559fd5702c216d79cddfa95d5fdf1435901e6a58f5af0b5c0758b5388ad5bce6edd8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7e617f1c78c8bc24352b350d602c0bb9

SHA1
3dacad3b8041adfff640239144367a637e9419cb

SHA256
fc63278102c2d5e339e34174b2a7fe2372ec226533d8551d99daffdf403b8a2d

SHA512
885abc3d408a903fdd46e123cbd82b764b4fe466539cbf8ccc50597cea296f00b60c17b66c3761702ecd46f5e5e55d2efd81ab80c8a298fc6efaa24588b8c3ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1d1791ac9266c876c325f1dea73166bd

SHA1
8b98125d2ec41242693cfa3400865cbfeb2558bf

SHA256
f6836c2613954790cad7adb0c49037506d66a5bbaaee9e26cbeb210a65f9c492

SHA512
4b0800c3de737432041e5bcac95363806de1fa686ef569fe418f110a0fdb9c32d9cf39e77180bbe8ab0b67754ac692194ed969ba3183766d359e330d7eab1895

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
5899f061f6b158d55e175a139e31b554

SHA1
1c0556f5454e744a2f2af20b833c7cfa43278bb2

SHA256
7e696986d38a6c23bfff2aaa317161ff3205562bea31a14ced7ef9201edcce67

SHA512
3cfda90e5901c50927af41999019242a77e635884d612016090f73ef2795bd662ac5fd62145f9be0b3439215819ab5726127c95b6447f8f4ef965cbab4f2b80e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
859944532328b1233747f8d3d8dc89a1

SHA1
c1bb1d4ff377521ca23b138df330297701527ec2

SHA256
246cc05cdb23bcc64287680f897a2cc001be9b76157b7b7ed3107dac7c61180f

SHA512
c86fe6fbcec5d8a7a52d0dbf186fee482e0178d597a26376353b4fd45e62f52177e83a9fceb135fb9cb483e896a3fc28f4853a6c3f0338ff352f1ac3af2de596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
10289a0f5b8e831ff134766a13e0b615

SHA1
bba5c707efbe725848b49928728ae6a16cc679e4

SHA256
c785cf36b17b85f87543780e403cba1407d13848a29e332f4453172ee012d5ea

SHA512
08d62bd76fceef7b64548dbba28e8edae646cc4b5259171a2781cdb0dd58acd1fccdc7abc0bec5eb40a02cca6f3c4ee5161b93bb0af6afdbf00f90e98f7245da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8193acb2fb823a04d18b5311b13cd813

SHA1
d1c7a4947b9418aebf50783e43671adf32c39bca

SHA256
c6972f5dc8e94f38ff6845b795290c5d85b50c35feb325e36d32af80c14673b1

SHA512
120e428f11d7b88e95c498cd77bdf39e8408030d50b331e74b98122bb4186c0df851c75455c9c8d749e5ab80a4fc92eba3ff01b174fe69da6b87185fad660b1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d84b43071fd8169483eefdd2d2191ab3

SHA1
2cb442a28ddbd006f6d1e2ef27963c9dba5e3472

SHA256
0455eaa2a2c5a18673bd8b9daa04fd9f0222b7749e59abb96460ab4ea5ee3008

SHA512
158d4908f4f9c13d3bbec1cb3da25708b7f1a847ff7478f1be0c6fe3708511b8fd55553068573747204144ae0fe0729f7f6fa15e09dde68c821228e5f6ec2344

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3dc90bcb0dc002050334bca562379bb2

SHA1
4113ad21806a2fe5cc6be92f8df4ee6f6aad44f7

SHA256
160b8da746a04e994d3bfa98871d12153165c72fa7aa74616b97e95569f23f8f

SHA512
b95450ded7d48a3646bbed3c7d7ae56b9d2a31ecef02516531426bd06f0a5c470494009fae8db32d0ef0f68361bd6efd7542f361df1e9d0edf0f4f259cf48bbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
4bb7187428035afd99cc7ce516bf401c

SHA1
0c103ae5d0e073d2431828852ae4b7b714fcbf4a

SHA256
917b983d60992cc92e9c5498527164379e972d57be4532965eaec1c53ff937b0

SHA512
7f760b1b25c6e467d49b1e5a6b37e1cade976035f890cb3a189023bc276ceb7d76dc3f1e3880a4346969f5fbc3444cca7217967403a7c4ff4c9d1bf2f5f7dccf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\fb265781-144b-4655-90e3-fb73727d0c9b.tmp

Filesize
9KB

MD5
cd7e585f1cef74f006813c83f41f2bcd

SHA1
7321679fdca96d81afef7c6c0d81548e59b958e6

SHA256
576dbe23ea75bd46a8c1c6111117e9dcb12b14c2dc5cc77538852e57fa8e42f6

SHA512
8d19ca1a9d9436b33d6f603c021b13773d93722e8668fbf4a6a6636503c285aab54acb84b5c13b4e4e7f2572087bddbdde1be8720121d0eefb8871710d45655e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
2f3e15cb7bd2ccddd50b1ad1fdcf9da0

SHA1
becc5a246cbf3e966b01e1344a08a77e5ffc6fb6

SHA256
cd7642f314beb2e403365145420f00148b16bc27506e6c278a76e55c04658bd7

SHA512
8753b265d456893d12ebf03045d6490a219c4c57924675ac92c0ba8f8fcc892504c47e79a7c250674b3a38e60682552fcb275b46fbed3142f53767b627f7b9f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
96fc46a9bf9e660743d17041e1088609

SHA1
f8efee1a6c70c789d897388ef22522df0c205c11

SHA256
ede92c4539ea24e804de998dbc5a6c24abf8fb84343d373b3b64e94fa8767896

SHA512
251faf4bb13d4b8644a1864cc6a8cf4633bc389ef87735f8c501d5f779b5e4d6bc8f78a3e4201dad026eb3856c397d81ff070125d97bb56ce198cb0d1699ac5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
ef58601b0c307e320344f8a6723d3877

SHA1
51fc44085354388735a10cbce725aee2580d5e09

SHA256
3b96e4a4e6c946f52a0c0ed4032a4323a720318128b57ddcabb6bd68eb08666c

SHA512
9f677fc07b52c367ab5ca466285cff13b023553ec418d1443954a0fd0e03965ab2746c4d7c1c9f99de93d340c9229c8130dc0f83bbe98172795477d1b0b4b783

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
636c962a0e56e1d532106351aae1182f

SHA1
2e27d32fa62d7795a8b96525592494f47fb42883

SHA256
7c59d950db2313b19c198d5a51a2a728d4104b32355e81539a96ba0c4d64d1f2

SHA512
0c4a92be15dbd612be41c27001764a8d004a7902b080dc6cce48126a71d6158c9a1c84a8c877fc688d1d8e719c76b1eb39c70beee20204b52ebc6649ebba66e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
df8dd38a34f8dc8aee225d5a100035b3

SHA1
11f3bf0fb21ca554ba6a9e50eeee6d0122b6da90

SHA256
e4985e863421678cf7e1ec9c624a78204bfebf6e85d7826bae289dc9803dcd58

SHA512
f3ff9d1dda92e9dbd5c70097f4aab0cee277050ec518b43dfc4ef77c01e76b6cfbd36fb3e8c185d3997210947f6798ece16577dac73ce55a167df1ed4014eb6c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a134f1844e0964bb17172c44ded4030f

SHA1
853de9d2c79d58138933a0b8cf76738e4b951d7e

SHA256
50f5a3aaba6fcbddddec498e157e3341f432998c698b96a4181f1c0239176589

SHA512
c124952f29503922dce11cf04c863966ac31f4445304c1412d584761f90f7964f3a150e32d95c1927442d4fa73549c67757a26d50a9995e14b96787df28f18b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
78bc0ec5146f28b496567487b9233baf

SHA1
4b1794d6cbe18501a7745d9559aa91d0cb2a19c1

SHA256
f5e3afb09ca12cd22dd69c753ea12e85e9bf369df29e2b23e0149e16f946f109

SHA512
0561cbabde95e6b949f46deda7389fbe52c87bedeb520b88764f1020d42aa2c06adee63a7d416aad2b85dc332e6b6d2d045185c65ec8c2c60beac1f072ca184a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1088c81df5b0d28442bde88ecc5381dd

SHA1
6d3fc7a9d79ae962cf7822289248715d44a94664

SHA256
9be294ce2227421174ff9015063429152d2f3523e625c2bc9fba02e064fe5f9e

SHA512
8654f933626d4b6809ad2d1a6b77eb4c48d8584a7801acaa2531ac74f6ac3023b1649629493271d15d13b2000b0fac0cbdcbb3d921012a10016e1f562284f71f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
1b41507a85816b17f422b9ac280896f6

SHA1
3e1511e3bd0d41db3d6efceccbe631ff14ef576a

SHA256
3379327cafefa97e2d6906d2a73cde0c742506d76c06dd33f68cfbf4b5c127af

SHA512
5fcec9b5b71a7e1037db940ea0a52daa10c0f6ddbfc4d091b5d36b764241feff50170e4f5b3566a305944296c4a0615faf5a69d1f767a0523c4d5178bdd2f84c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
763B

MD5
e2989aea2dbd16c8f1da762215b72e68

SHA1
2aa5031ca8062d9732b2aeb975117350fd4c631e

SHA256
4153a4c64215e2386c3671be522da28aa0d20de3f53d6632191c9ae53f564113

SHA512
444d8b2545dc9294691c5105ec246c6cec72900423e3597d72b045d332f5afb6a6531140bbada5bdd80b8d9298fc64b0a20ca520c591c9ea7a17fec8b95039ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
689B

MD5
ec66d59ee399767f14f3c64e32914941

SHA1
b00035f355a331ac8539ffca115505e225a0957a

SHA256
79126967f23873cf24ed7c8135b7ece6d40af41a75baae78157f4a6e45d22ce5

SHA512
8fdfa3ae7b4c1f89a5b9859997ce756386a5962bdfdbc1ac4b985ad9c845bab2dc8c443ccc4888dc7f4ce22ebb318def95c737a4f4a2d39c3abb6d762cca0f81

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
dcede588906e13440db03503c55bba6d

SHA1
ebd10558e5df086e4bc2524a135b0140f0a124a3

SHA256
1492404e9d4e475b5194498393440cfaf5f7197ac4e3673d18d494de7d2790ba

SHA512
b9c52a845427b1fa2eab29017839f5a9ee9f66264dbdf71621a190e0361ec3e1b9152146696ffc235c5cfdce90bc8756560b44ea8d19c8f58398e8dcac166a96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9912a8e3f9493bad6a635912b7dee162

SHA1
03a6559ad7a544eabf182bdab820eb28fb606b60

SHA256
d28266734b00f4417ce50215ac64e0eaeef2a105058de4c0e90aa1fa7032417a

SHA512
94e5b5ad821756571666efba5a7a89a6bb9632d8288d78235f6c3deeeb8660d4a56483ab3cb66387442e2adce209aec8bdf49edd3e328c6df543f91b0ea72e35

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
555f3261aed20ba4d5f55435ff73befd

SHA1
0e6ee0f39d97114bff990240606cd4c33469feec

SHA256
4df39f43c0005370341ee2a4fb4095a831952d43e83b4b952f01e20ae9c8eb3b

SHA512
31b0078be32e97e81a8ac9f035dab4a125a9741980e6ce3aeb6403823147ce1ec11e9054c1d8ae7f942eeb598d05bbb55668213c6495617951ab599715509f38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2b0095e3b2fba512ac571b0cc5dc1df6

SHA1
f2475f72f81156cdad2bf627b17c7fe8239cd438

SHA256
2bf8be27382deb19bd2a0595283d77d803873d2d4fd6e75fd96dfc9c0d416f57

SHA512
c3e45bffe8b9becb8375e50830778d502172f017e4e5f0da6172c708695aa3d1d69f6f09cf48a6f830b57bf09a226d4e9852fe22803703c6980dab6a7eee3c7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
9010fe212d7da97a4e9cf63a903ee7a4

SHA1
8f124a736d045eea3c50a9597d18c9af8b128e28

SHA256
c2956b77f9af9f4d79e0198d8a7e0a5b6f880b4d597dfeee25a3f56c05d11834

SHA512
f763ab3261592107fb19b7d6134c7f4d02e921258b1c72f1e0c69a95ee8ed9cc20498259a279cca9648bbd213a5234b965a9196865d465e1f975ee9242e36326

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
21320325bdfc20c6f4e4d136228fc9c5

SHA1
7e96950811d7ddbc1daeb7341ddb9768980bf2b5

SHA256
5e7ac2b978206a07d8b1841a2bd89eae4b466bcd8a0df3a62ae2ca0439b8bd5e

SHA512
ee78316d5b8edffdc83e3431bdbd28ae05a481d2a445ddf3b7c58bf0f01c6c42aead46a4d91e7fc75519a5ca8a7e2bab78749d88476c7a2fa0a25e8b3592bd43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
fb1b7c02cbaa0d23529f81eb3059223a

SHA1
3d43f889a3c57b3da7c6c8ddc52f3a2d263ee0b4

SHA256
61a57c32e931de4e908a26921a8a4455ecd1005b666d5430aec2ccd8cffdf7cb

SHA512
13721762c79c0f50075ed76ad123957090fa70a41423e8f4079846d85b86b249eaa90f77e5a1c0d8899a987829759c1e8044be70d55f71ae3499543a80ea0599

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
0aeb482ce3809f734ccea6439180f061

SHA1
c9ef7260bfd53b037a8fcb70abf5bbe4916e25f1

SHA256
b27cf12c5b49fd4df3f626ce94fa8bd95f48dcb86196b7b1162795f54a6d6713

SHA512
94b36ce653d4edd36d96a76e66a1264e60bc57f5406b8b830e40e09ab8265ccecbc84dc3808962c9f7083aa4b4bb8d6d66f415fce57b46d1d267b2ad4af6e7d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a057dc8d484eaec8e7eefd541705f2f9

SHA1
3160363b8696b5dd0b9be7eb8b66c3bf11b703f4

SHA256
dcba6a42c5853b9ae8cf6b38642859a48cd51082fc4db861b44e0b944c089e9e

SHA512
761e443721bfd24b9aa292616ded8a1256b9e6c02a3e345365273a46b4020f57e6d310c76bc30584429a7fa64754e85fa9ed13ebae44740f8b3ff43ecd2e8fe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
9a1d1bb68e4181d1db35b19086915478

SHA1
7660c2a040497afdd8be5cd96877c260ae2f72ae

SHA256
daf60e853ad2047c26f8327d98bb7320a982cab26151f25e16f8d16486eb4177

SHA512
f6f53ee45dd6421966958197e12277e69bda9905fccc09f7becfbbaf3f0c19942660eae117a2698ef8caf7f41b6df8299a219c5a381d4637cf8c272ca1dc0101

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e09c.TMP

Filesize
1KB

MD5
cd83ea381b7239beed3a84f478763971

SHA1
68ee3944178a2e6d1fb8a60f38ad253fdbd6fd0e

SHA256
94cdb5d845716ea5b8855f7d5defe7457bdcfd021a94f10409ab3270dd76adef

SHA512
b65ab9986f769b1f9e3d1f370b01e2e8c4e56296f3e58223f153688ed983b9e2854dbc002ad52d98e124ab7349cdf55f6b696f2fa9f345c24b0d8e2c14a3b9f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
0d49d06b5a1b6b335aa1227d8999aaa7

SHA1
ed0d5ce77fef85c53f900e9c78f16084f6daf041

SHA256
649c27e5c8e7867b568c0f831047a50e2e9fac2b5336a4ab136763eeda15622f

SHA512
d30aab4f0d6b7fd4298740f75dec1961cf53ea802e084aced1f37cff8fd2b9f3eb634816ee791ec68145c902aa18105769909f83aa2faf04f9f6c256219549bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
7a2dbbcf281d86ec40155d072dcfdc63

SHA1
b76fea36f646304720f513991d687db8a8b75c70

SHA256
bcb088a40e5bf62d88eabfad7612cb3ff793a90b500f61414c77c2a419312f89

SHA512
0cae45c76351e87bb956ebbedfa1641e2b2208e1462c6795f129329c7858e239867be982412785167e37ac07391cc5e849174cdde1b11e45f090f4fa26c20c75

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
68a40d4c01b912f4bf7f2e00ac847607

SHA1
5a1265fbe6e670b00a6f93b3191c09dc2887fb4c

SHA256
ea56a973cf7c39e0d5e84a1c9d60ed148925412a6cd66c3d3cd36a1d422128ad

SHA512
fd3f9fa95164214ac78e8ae9034b1688a5af01050af975e9019cb5bbacfa339626c4f0253a04ebe82409e29c06c3f61242c2cc2cf3be3f34ca5e69616bc24c72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
de8a95905046fb0fffb3831ad65a4ebe

SHA1
c6988ff678f762fe8a0817b3c03f704ce98d349c

SHA256
f6b0abd80a54be8010403ccda6ac0c05e7eb10cfabdc728e518831e78a1cfced

SHA512
99f457227aa2517e851c22ea35364eb786fc2609b1534d4a496d0cf4df942045fd38d90d976435a87909a95a36a820e352365bd2b10a297f52f58ae9a43a312d

Download Submit
C:\Users\Admin\Downloads\BSOD Virus.bat

Filesize
4KB

MD5
d4cd82b729b72269441970168f3c9436

SHA1
ece6f078e365614959da1b0c7b9f64601f0c3c3f

SHA256
20b41b43f0dffaf77d19b1bc77113f831f4c61295e174d875abf774bca7df80e

SHA512
d880e05ce6da083d68add60e2d9b047f5f908c7ae5657d93fbfea5c32914901caf6b1e0b4cc2193cf76ef432c6b03966a023194deda7a023a00c4dce90ea5d1e

Download Submit
C:\Users\Admin\Downloads\bsod.hta

Filesize
1KB

MD5
cf9b7ab65c938b3dee1f3df89d615dcf

SHA1
ae9e038a015524b307588c9c4dfe02bcd94d6b86

SHA256
5254d4cbab2839f51390094d06e53749f6e1179e9851cecb6608798e1af34c65

SHA512
b6270408c87cbf2e69a6c23a61c305d81d3a6c8c5a6e6faf4aa31c03f6f631d28b62c1d26c5e7afe97adde5057dcddc877c3504b21cdb715da45992136cf7394

Download Submit
C:\Users\Admin\Downloads\vcl.zip

Filesize
131KB

MD5
8ea44c898c149825e227c9f759d6539d

SHA1
1b4ccc074e98bd073993bbafdcadade04a497a5d

SHA256
209fef75f6e2ff949753e4d63045554b487cb990b593faa10568a1d693fc0053

SHA512
2673ab034880b6d787041c5b48f96fe512ec2c2566dcdcc3b113fb4ff842cdbb43deb74c0478650c485f8adedf58d4a444380e98aa7722e4ccac303601d0a257

Download Submit
\??\pipe\LOCAL\crashpad_2640_HIBVZNLLOOHHYAMI

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit