Analysis Overview
SHA256
8b0c4556e30ab51385a4d4cb915d94f61a74fb57a235bac0ef8929eedcbcb300
Threat Level: Likely benign
The file SteamtoolsSetup.exe was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand STEAM.
Unsigned PE
Browser Information Discovery
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-04 14:50
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-04 14:50
Reported
2024-11-04 14:53
Platform
win7-20241010-en
Max time kernel
117s
Max time network
121s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe
"C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-04 14:50
Reported
2024-11-04 14:55
Platform
win10v2004-20241007-en
Max time kernel
190s
Max time network
195s
Command Line
Signatures
Detected potential entity reuse from brand STEAM.
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133752056408607335" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe
"C:\Users\Admin\AppData\Local\Temp\SteamtoolsSetup.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffe3376cc40,0x7ffe3376cc4c,0x7ffe3376cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1940,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1936 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1856,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2348 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4528,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4764,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4716 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4760,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4672 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5104,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4908 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4840,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4904 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5172,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4956,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4016 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4348,i,11120675222745968393,14290843350946910918,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2d0 0x2ec
Network
Files
\??\pipe\crashpad_1152_TAELJWWNSQHSPUUC
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\df443fbf-33f1-4504-8c07-87551cdfa7cc.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1