Analysis

  • max time kernel
    211s
  • max time network
    214s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win10ltsc2021-20241023-en, locale:en-us, os:windows10-ltsc 2021-x64, system
  • submitted
    12-11-2024 20:42

General

  • Target

    https://is.gd/4L7ufb

Malware Config

Signatures

  • A potential corporate email address has been identified in the URL: [email protected]
  • A potential corporate email address has been identified in the URL: [email protected]
  • Detected potential entity reuse from brand STEAM.
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://is.gd/4L7ufb
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffa436fcc40,0x7ffa436fcc4c,0x7ffa436fcc58
      2⤵
        PID:3408
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1968,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1964 /prefetch:2
        2⤵
          PID:4736
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1544,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2092 /prefetch:3
          2⤵
            PID:4108
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2292 /prefetch:8
            2⤵
              PID:3656
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3172 /prefetch:1
              2⤵
                PID:3020
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3160,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3228 /prefetch:1
                2⤵
                  PID:1756
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3732,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4476 /prefetch:1
                  2⤵
                    PID:2828
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3700,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3432 /prefetch:8
                    2⤵
                      PID:1104
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3432,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3384 /prefetch:8
                      2⤵
                        PID:3640
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4976,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4892 /prefetch:8
                        2⤵
                          PID:1788
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4696,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4800 /prefetch:1
                          2⤵
                            PID:3640
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5180,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5192 /prefetch:8
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:4760
                        • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                          "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                          1⤵
                            PID:2892
                          • C:\Windows\system32\svchost.exe
                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                            1⤵
                              PID:216

Network

MITRE ATT&CK Enterprise v15

Downloads

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                              Filesize

                              649B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

                              Filesize

                              37KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                              Filesize

                              576B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                              Filesize

                              480B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              4KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              4KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                              Filesize

                              2B


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              1KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              1KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              1KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                              Filesize

                              1KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              12KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              12KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                              Filesize

                              9KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              120KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              120KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              120KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              163KB


                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                              Filesize

                              120KB


                            • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                              Filesize

                              2B
