Analysis Overview
Threat Level: Shows suspicious behavior
The file https://is.gd/4L7ufb was found to show suspicious behavior.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Browser Information Discovery
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-12 20:42
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-12 20:42
Reported
2024-11-12 20:46
Platform
win10ltsc2021-20241023-en
Max time kernel
211s
Max time network
214s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133759177696627718" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://is.gd/4L7ufb
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffa436fcc40,0x7ffa436fcc4c,0x7ffa436fcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1968,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1964 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1544,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2092 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2292 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3172 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3160,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3228 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3732,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4476 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3700,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3432 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3432,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3384 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4976,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4892 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4696,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4800 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5180,i,17922922075424423524,10012597886125880179,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5192 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | is.gd | udp |
| US | 172.67.83.132:443 | is.gd | tcp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 74.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.83.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | styemconnmummnlty.com | udp |
| US | 104.21.70.134:443 | styemconnmummnlty.com | tcp |
| US | 104.21.70.134:443 | styemconnmummnlty.com | udp |
| US | 8.8.8.8:53 | steamcommunity.com | udp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 8.8.8.8:53 | 134.70.21.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.143.214.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | steamcommuniqy.com | udp |
| US | 8.8.8.8:53 | store.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | store.cloudflare.steamstatic.com | tcp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 10.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.25.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 105.42.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 137.130.101.151.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 8.8.8.8:53 | cdn.akamai.steamstatic.com | udp |
| GB | 2.19.117.29:443 | cdn.akamai.steamstatic.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdn.cloudflare.steamstatic.com | udp |
| US | 8.8.8.8:53 | 1.80.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 29.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | store.steampowered.com | udp |
| US | 8.8.8.8:53 | clan.akamai.steamstatic.com | udp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 104.18.42.105:443 | cdn.cloudflare.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 2.19.117.20:443 | clan.akamai.steamstatic.com | tcp |
| US | 23.192.21.216:443 | store.steampowered.com | tcp |
| GB | 2.19.117.20:443 | clan.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 216.21.192.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 20.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 53.210.109.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 104.21.70.134:443 | styemconnmummnlty.com | udp |
| US | 8.8.8.8:53 | cdn.jsdelivr.net | udp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | tcp |
| US | 8.8.8.8:53 | 195.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | fonts.cdnfonts.com | udp |
| US | 172.67.184.158:443 | fonts.cdnfonts.com | tcp |
| US | 8.8.8.8:53 | community.akamai.steamstatic.com | udp |
| US | 8.8.8.8:53 | community.cloudflare.steamstatic.com | udp |
| US | 172.67.184.158:443 | fonts.cdnfonts.com | udp |
| GB | 2.19.117.23:443 | community.akamai.steamstatic.com | tcp |
| GB | 2.19.117.23:443 | community.akamai.steamstatic.com | tcp |
| GB | 2.19.117.23:443 | community.akamai.steamstatic.com | tcp |
| GB | 142.250.200.10:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 158.184.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.117.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 104.21.70.134:443 | styemconnmummnlty.com | udp |
| US | 8.8.8.8:53 | steamcommuniqy.com | udp |
| US | 172.67.184.158:443 | fonts.cdnfonts.com | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| Hash | Value |
| --- | --- |
| MD5 | 1701dd6f6a2dccf4f18e2d733c938126 |
| SHA1 | cf5ced79e6a042f9e6ab7106ab124698a88f003e |
| SHA256 | 22deae5e1469ffcbca09e2f545604fc842aed87ccce8d494051c9a8406e68571 |
| SHA512 | 564215ab2e7dcf97cf99ca118bd9dcc1a1a6b0df3293384b82497efc202ccfd41c1c4333c5afb7c1648f5d948e7acfe80445de0b196fbe5004f23b9cb407a50f |
\??\pipe\crashpad_2404_WWKRJEACFQBHPNDA
| Hash | Value |
| --- | --- |
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| Hash | Value |
| --- | --- |
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| Hash | Value |
| --- | --- |
| MD5 | eb054960aa7589f9cf9ef371291d0581 |
| SHA1 | 2e128e83012cfe8d1e6cc0a566f8f8787342df22 |
| SHA256 | 725f7b6260b32eb402eccb5dae3fecd0436026b9de5ff60c193fd256a03cdd19 |
| SHA512 | 8eade2ec24c5fb630b266e0b577746087c77a1f2ab4c2b103fb40e5efda4aeeb1d164a9596dfa85c18ca9d27342e521251a7cc807f11689b402f82aa2843274f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | c8f6d4b6fd753d2ec6d8eecb676592c1 |
| SHA1 | 21db404a739fb966606b93b05e36890442ebb6eb |
| SHA256 | 1843b35c5d4fb149bd54eb43bb1e5b85a5d6f7f553a5f0373030f736d5bd6939 |
| SHA512 | aa147f8f8d83ab037a3d7f4c8451c678a527722591710ea5abb3588ed6aa13ccbec5c0fa74fd31bdff1c2de43b11a0ce06e44ff702859970b97b4734150a349f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| Hash | Value |
| --- | --- |
| MD5 | 388a53ccf5886ca8115a6ea5f41b279f |
| SHA1 | 321ae69e1f6c592c6f6d3cca298fdb5b68e851a3 |
| SHA256 | b2bbb2713f13067fbc35c4c793822beeaacb0a168942f92b294b58333a938a17 |
| SHA512 | c2d95dcd47daf3b0620b58323e5371e4c1c685bc776293ba8a9b8402fb716276329c81827f8f0c8ac7bac9b23340d76061108bf24c8a1f958b317972a27f2822 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| Hash | Value |
| --- | --- |
| MD5 | 972af3e147eb5753753f52e2415b538b |
| SHA1 | d0cc9b37447d08c5502bd4a9cfa51950ca2daa4b |
| SHA256 | 0370e4feb78fd1a7e1da863fe2b09adbc8f8551db7c61439b4016194e5eafa2f |
| SHA512 | cefe2c9f3a9035395f59421275e02a896bc68aff1065ed6471cef8cbfb6eca7697205b7fcd3aa809fa74e3b27c5ad1b902f197a54df175173f56600badb49f8f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | 8ae2c89db7ba07fbf5466a0763e4f317 |
| SHA1 | b5bdc4865dbe10a72bfee4bd23bd05b7382c0ab1 |
| SHA256 | d8725b76f95aa15e7d50d6aa5d21edc5e3b04c5b720c363d5b89dc6288573ccb |
| SHA512 | 83654aba87d61f865e35841f765d076d1cbc82af261958a59e2c7fe51f7b8463689b5fb01a7c8525f8ea306f64d2d99542e90ced1191540e36623434221aa645 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| Hash | Value |
| --- | --- |
| MD5 | 444aa8957c19479512f35129b176de0f |
| SHA1 | 9d94e2481772c6a10ae17a5cdd9eb5eebf6680d2 |
| SHA256 | a329ab26dbd486d0eff42748963ae11ce189b947970791b2144a95f5bdc11424 |
| SHA512 | d7aa4ef7e5c0da060762673e13a1a292f88297b00252549b200f1cae69bf8c4784d711b4bba1fbaefccc72c03dcd852cbe7b34b1e56d89a4d5f976c9be8910d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| Hash | Value |
| --- | --- |
| MD5 | 3aec15cd7bc74164589f7a5864380b84 |
| SHA1 | db338ff882570073a73fae172e6622f9981ebe1e |
| SHA256 | 8d35bf2c5c4673db7b526eb964475754b6be3cde0cea34195c0efdd0ed42f874 |
| SHA512 | b39e811335288d305e010ed57557ac09c883c4b5ebd544e93a515ae38fdf9226e85a52709bad9d524e31f86de2f6e05d50961cabe6ff294c006d0c0be1e49896 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | b9b8404c73e0f825287e74399b72d413 |
| SHA1 | d498fbf910d614f99be10f76c79926ef53406033 |
| SHA256 | a2eec69f63bd82cdea2e56aec74c7a3b9807fa9db711df7a65803b50c0d739ad |
| SHA512 | 9f699a98c8ddf3876f660cb3bc057f5b9e8159bcf77fe41a28cba8148e10771e60e3810988ec7cf469dad86de0df0d3e4df142a11f335618f6ddb51df6a0e104 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| Hash | Value |
| --- | --- |
| MD5 | 75dccca76fb160eeb848d55522711e49 |
| SHA1 | 8a9fa549aca0bca719930da4910a7de22ac6188a |
| SHA256 | 3d6f4f0674d319f5f5c991dcb1cd618c49fca306bcf870c5402793f17eae8fb9 |
| SHA512 | 0045ecb7886b40e438fd0eb99ccfbd29c760473d988d61e4efa3fa6a9ff4d4db6a8e33b3c84c857f3c8a256929a542faec8d9d9cc32988183ea17b2eff233141 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | 0e4ed789540026c453fff76a4c30b781 |
| SHA1 | aa28f778c0a7aa810cb90a907d72765895124f5e |
| SHA256 | a6eee1a4b10a1f4f0280d7bb24dd3dede2e620401e3d4bc602d45e5d5fce7bcb |
| SHA512 | 09da3c9ab0fad4bfda3fca4ef824af99c691a3fc4052aa701e8e902117602d8c64f7139140770b56da4ab978734aca6f60776968cd2ee1cb3c032f423ece111f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| Hash | Value |
| --- | --- |
| MD5 | 231913fdebabcbe65f4b0052372bde56 |
| SHA1 | 553909d080e4f210b64dc73292f3a111d5a0781f |
| SHA256 | 9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad |
| SHA512 | 7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | f983bbe9129a248757a65e27ed82c478 |
| SHA1 | efd538272e865a9e8b87b5d62c87f1026b359c6f |
| SHA256 | fbd60eb2d4550a327b9ddb739262615464333e2b7963059a62524979e3bf2abc |
| SHA512 | 664b8861d851e3ae4d77a957c9901251b1aa1b5ec1a9c3e10ddf8cb26b2e147f5c1a2b9f3e2cf09f5673dacd01f486ef5a84a1dc94c23741827384ca55092eab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| Hash | Value |
| --- | --- |
| MD5 | 07c500b367375860c3b451fe56ea65bd |
| SHA1 | ce580f633ed29747cfa369d94c62fdd5ef8b147e |
| SHA256 | 436a9ccd3f08a1b8dbaeb6d39ff2325676d6375def2e8c0566fe2dc7d6354e00 |
| SHA512 | bdae49fa3ce1f5cbf003888fadcccb2363fcfa24a29db921434d289601d11e96e07bfbf1f4ef9c47d6a87920610744853935d96aa75f0984e22936ad6a484599 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| Hash | Value |
| --- | --- |
| MD5 | 03cfa0b3b4c934755ed37683eb2a5270 |
| SHA1 | a2691979384db0e9e05c4c25694ad66efc349b1d |
| SHA256 | 75018ed44ef99b7231c0801785794fcd1470fe64679e882f30ae74d4acd5d0ed |
| SHA512 | c31a20996af2d7166798e479c3c1834a5ffb5a2b56114cf572eb5ce1eea7d295909696d6a7b946d5bd226a39c01150fd0c320a6000569c2dde689714323c96b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| Hash | Value |
| --- | --- |
| MD5 | b6354063f696d2d6fd50e210179fa00c |
| SHA1 | 483bfcfa93508643e091e918e72cf4d320756d4f |
| SHA256 | 885c79eb8b0efcadab00b4c7db91d119ddf011e4d57b62ad927ef74917bf477f |
| SHA512 | 93b9e4858a2bda943d7cf83b4c7cd87116074833a9337df49224e0da50d7ab4aef7af990094d9e37c92d4e132b724eae9cb4bf557991962f407bef3a5ed01e7f |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| Hash | Value |
| --- | --- |
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| Hash | Value |
| --- | --- |
| MD5 | 1035bef1df5da62c32faf182f353aa4c |
| SHA1 | 6af75f8e164b9559efb822793f6e3c7a4639d4c3 |
| SHA256 | 30fa6e3c87c90fe434b9b9b5e0d2cd47a1da4dbbffef5a275a69b49fc4f7dd67 |
| SHA512 | 60d578d1ecd58d5fdb5c91a1202f371558d5d4c24b144c74f3e286d6fcd2226ef9e1d96151d339c3c494f1f9e9a22588aa477171e44e33bc0258bfda862e3f63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| Hash | Value |
| --- | --- |
| MD5 | 48faefe79ead658c3528e17fabcc269c |
| SHA1 | bfb5844708371f23a12ae1a5f359b5b832629171 |
| SHA256 | 733f4cae9d6bffbd8e20280eb320cc62d3d759e3089b5f515e7cc245e523424d |
| SHA512 | c66f1ca307566a41029d94687be898d5ef04b71a7d2423912cc689fd98662438ecc478ea93585b5747ca1bf114d025369ba8e6f2f3186a9ec4b2efc628f74a82 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | dad561391c662807a1bb8ae93599fef7 |
| SHA1 | 6e4c6a8ec3ff34e2f3fa0855b31201c46260f58c |
| SHA256 | aaa322ef85ed2f44754d53b7805b4e4b7c3c61a5424590a1deb2258bad78672f |
| SHA512 | c67fc08144586293016dedb2248c9b1bfa5787747fb330e63ec94aecfb74c029d78f62bb511e7a93a1d50644de6c8cb710f68e4877ba200772e4706ba0de7713 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | 3f0040a48abc28bd947c0568eaa41e64 |
| SHA1 | b5944c5a00c1c3a1321d0afdc5444fb904663b0a |
| SHA256 | 8829c6b529ce4e0d0e43735ef104a8ddb803f743150fb536160e4d78ece1651b |
| SHA512 | 7bda46115fb2648ead623bb1dc9c6d728bb0de965768063c228ab642c1d94f1b5346719a0a73bcff4a5283d2e7973fcdaca222eea5545c669be1d2fcfff3c495 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | b46dd597badfb5bf97a89a4157a30cd8 |
| SHA1 | 9a8749a15b60617d404b97d06e21c7ad877e12e5 |
| SHA256 | 9ddc31a750742adc0ca6d64fbdb7fedd34cfed8cac0f8f3403cb6ae757c8d100 |
| SHA512 | 6a16761bdc9d429591703b37e1d3e09d665df584d1d84717fa6e5bf03f619be4a2627e924533ccb3bb387ed2075ed23752ea8ffaa238b8551b6440b3ec0d29e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| Hash | Value |
| --- | --- |
| MD5 | ab05f3b4a6e726580ea8d628bd4b5545 |
| SHA1 | 0b38b75550e9d274602b429a7eaf4c6c17d1c19f |
| SHA256 | f05e2dafa7e287f40cdf067e66b550e33965fda1f6dbe3b82f3c5f1e320d9e39 |
| SHA512 | 86f6f90304bc50141e06feab54cfb2bd8ca0ff1973c7fd3c0ad066370f63e4355754d578c88d53036175ef78eea9990cc202299df91f7efc32981c70d6105dd2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| Hash | Value |
| --- | --- |
| MD5 | 67df295fa1b982dfb1df87771d0d612c |
| SHA1 | 8b0aad278a374a6495a19d2edc0b9c4cad0399e2 |
| SHA256 | 15ca86f2a21dfb1c0aaeecb0e8f6f2cbc524dd1849614a1c6ae59aebe853fb6f |
| SHA512 | 2c0bb17da49fbd4a3e7d32b67b1d99997041f84bfe93216467cb49dc994a2b2b0a116297544f14b03f6bfea7ffa292dcc29d608e7380a98d6704486d4b3be978 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| Hash | Value |
| --- | --- |
| MD5 | 2178b73f2782ee4566ee09fdf2270bfe |
| SHA1 | b2165c97b8f90fd5b07ae571e2b3099fcf458652 |
| SHA256 | 557c7229202259ac9df1d72e5a78d4bdf484833323f503206955d7cd95eac464 |
| SHA512 | 54760ff62554bfa156f94b4ffad6131b307b4b85671b6e11219bec34ec8015e2dee63c48e3e3dcb741d5f9d46b208a0959d8a1885e2bfe07ac6ebefc267d1300 |