hxxp://vividspark[.]shop

Analysis

max time kernel
164s
max time network
159s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
19/11/2024, 09:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://vividspark.shop

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764834932519389"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4896	chrome.exe
4896	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe
984	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe
Token: SeShutdownPrivilege	4896	chrome.exe
Token: SeCreatePagefilePrivilege	4896	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe
4896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4896 wrote to memory of 4512	4896	chrome.exe	79
PID 4896 wrote to memory of 4512	4896	chrome.exe	79
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 4980	4896	chrome.exe	81
PID 4896 wrote to memory of 3584	4896	chrome.exe	82
PID 4896 wrote to memory of 3584	4896	chrome.exe	82
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83
PID 4896 wrote to memory of 3692	4896	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://vividspark.shop
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff88f7dcc40,0x7ff88f7dcc4c,0x7ff88f7dcc58
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1796 /prefetch:2
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2080,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1776,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2992,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3004 /prefetch:1
  2⤵
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3008,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3052 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3672,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4392 /prefetch:1
  2⤵
  PID:1208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3276,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4292 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4872,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4744 /prefetch:1
  2⤵
  PID:1232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5024,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4316,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4708 /prefetch:1
  2⤵
  PID:2600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5056,i,12274740093283272045,11537054995011836963,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  PID:2904

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4640

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1104

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004B8 0x00000000000004E4
1⤵
PID:3884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1d1b2be29bafbb4c1f8a7b82704e7a28

SHA1
bdc065f3592aaeaf5a451b8c551f4a4d8d4d6cf8

SHA256
0aa95d590675d06b017d0081d720940e7c67cc80e1e26119aa99e2f6245357c6

SHA512
819f80131fe46ec343e24cc9eade4a38fd3d51542044b179217b52679b46ef63bcd343f1eb384fe9c3314a9de6e871efafc11af056d0b56c655a72784a5553bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
158KB

MD5
a272775aae08dc574b83784a0dd09f84

SHA1
7b6db6ee34b3b8d38d2fd8bcc615f4194a53fea0

SHA256
a7172c64d9f2abc45e76f32343431727f05f2f61a99557dc3cdb875e204ed0f0

SHA512
5a09d4d532fb9135484f0f3a2f9884ed78a51df94bf72c820851d2e61c474c391dc68fe9655464441737cd198dab0f23451e20e4ae4b60cf2de517e75e5217b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
7aadfebc6ae79a59fa0664ac011ff5b8

SHA1
b5a1c3a93c4c4db27dadae47709401092ae4d4f0

SHA256
e82f366e01db61f55f467add99ee696b88d2d64a58c3eb09656d9747e9771387

SHA512
d0751eb724376f5a2590b480b2f05c0813ecd1b41dbdb73e245aa4dde557915e46d22f843131b40903a3a64038aaf320fc1dcf4917f7c9711254cf590cb4585c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
da381c3e904b737765d31509c53c927f

SHA1
ee90d32acfeb0aae6c14aa5b7a2571b785420b41

SHA256
cc8a2906bb9a4537f8fc678747537c8bf396085a1e2225ff088e2c26f03a0759

SHA512
3ca8e3c241c131bb7d9fb53ce5e9ce037a68ce4714667b350265f10919d6ad822f55301371061bfcd1627259bad345eb4b30a9e9a0f9c6f6069cec4ef467dc80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
70d4f1cdace45cf63e821c9061c3fd70

SHA1
9c362b9276d57273a33790b62006841f82283f12

SHA256
f3a73480ee2b4fdb7c1a44beab56f5af8aba904b5e795a1cc5211e10f47a29d8

SHA512
11246e4429d552c21557e94f5c43495ec854824c25e1246016a85ed770f5c8bf1d781a5ebc2c633f25de5f7477cb0d23be598cab8be2e99cbc0f9b9c45973706

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1a2244f3f24e98a6ab664fff2921df4f

SHA1
cfdb8b62a392f4f5886974ac1df7639f9f506be3

SHA256
5b2ac313222ffe31291b5cf756eed6022d86d7401398292cf49a9b3f3f7baee0

SHA512
5d2243ac74ab91ce482f25240a6e66b824a79ac78d7d5f7b95ec81ec822daebe32157b513b9f8540a95a213c26d1f236d797e7bec882c38a4c30f38026a52ee5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5ed4deb61fc67c346543ff40c394b35b

SHA1
09c6688f6aea279fb546b610579bc3f8f88fcb7d

SHA256
2859c7ebfae5aa43c4358ee0d933a95505f510b7fd686582a5b1fbdf8401c132

SHA512
5f836e1c0bb1a7426431dd7a916bf5512440efe3432045571125cd75c0e506132dbd1eeb628db2b3837fa588867a09fa7ced8b1bf37608b3a3cb5e965591388b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
095f5c935450f5328789c84b8291133e

SHA1
a05b0063d1df6acd7d9d9f021d9d4961d2b1f2c1

SHA256
97092df3e4976e3f5e887469b3aabeb323c9feddeec68028e555ecf379c763c5

SHA512
0b7ae09fe66d11a4d6be66afbcbe7719f4d95f8a462f5c1bb100849fe09f7b5330f0f12aa67fa518ed703764a8230370b26681d9298a8efd930368531c2d6f61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bf3a6db47c922dd9d32ded43ce4c0bea

SHA1
2b9a063994db353b23ee3b5108a17654d06e9c2f

SHA256
c06ab6760bbea96532ebdcdfbd75ffc71853fb849b92b1ff56896ad839155f09

SHA512
d013e66a297398ca7e76572e70ad76cf5c917f3fa04b5c54549338ac350164ea1102cd028c0494470ec482937fc35668dfee71351b5a11476f6486602aced62a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
9fc3b4ea32768f855ff574a53e30deb5

SHA1
a97c2bc7b16f66fb1a85898b07388de78df657ab

SHA256
7139e8b516666a5613463a02a92f6b50e9dd16af7e43a5a8993dea7b55b21023

SHA512
e570e6bb6269f3f84f5a3de6ffbe46601a2933d3511a0f0fa71696f8624a13781efd9e1de07cf51af195bee261d37ca5237d30e45142d035d5f1352a3aa35d85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dbb4b1afad85dab1918bfe098228aff0

SHA1
50e54dda07e196fa4b47b3bd649ca8b13e900969

SHA256
01d009acc4ca7108dbc60772f9331b6afe2267f410ea37344c2ab498571e9de4

SHA512
cf77c97497a0ba4d894d395d699c3ab840271d0626f157fe79fed58943659399f5dde061596d6eed7240a872880af60a33748ccfcdd78a2161f9559a30e532ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
4333f60cafd687a76c226c98506ae3bb

SHA1
5d0e76e1034049ea862966f84705d38ee9e1963b

SHA256
5e64837b2d4c48cfeb9337c05d9c26059565633ff3c606de15c4c479d12be50e

SHA512
117f73c9af1ad695f00efc7aae5a1b9248419d57bbf82fb0a500de0c99e07b024257e9713e2e42ba8679f8d9158e89bbbb8f31e6a46e78618cd83154fa4090cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
85a5b7a0fc2343889654cdbb7044d4c3

SHA1
f1a0dd702fbc398ef7f9d0abbcd9ee55cd29da69

SHA256
19642199a6c9c41ce93cee73a347762e7c97bf2afd78fdfab6b403a34c0b4765

SHA512
ff921805926fa366a59c9ce2c1f624b33a80183ea8a2f7b6e3894de6d0263e9d302389fc9898c5fce4c036248959a9684840e8145d46d9a5102360ddc5c9f00a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
2c1bb62a811c4c5978cec17bab1f92a6

SHA1
92c9aa4c09cfcea0f602b635473650700acb2616

SHA256
ca9157b6b42120a4426d7f8e92485cadbab45bed033127b7acb6d55a024cd1a4

SHA512
1029649fd97531c0b7820a8f18d60d9feb244565e5dc4ea05adbf70ddda69219ea8303afdc65e814f7b66eeb9a68c0631fcc964d9648de39670ddab58fb3c60b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
3c1d215a7bae27242f3fef9fc090509a

SHA1
b5d2c75c355b8ec5a679ed2cb541d329d986a744

SHA256
3b0ce99d33b1cd6d595a1f25ad27e80ffc7cef7ab0ea5502e8489d0c5c86a6ad

SHA512
3553cb122ba288fd257f80835a4e3a9a9b34b88a62c7f68e530a4e516cda54c98c606903b77a4b6f6ed7970cd5426f58c7890c310e5c5f16987d14fee84ad632

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\b500f1faf61f180de1748705af17dc1a8e8ccb3b\e559cc74-44a3-40a3-8622-78183ebc22c3\index-dir\the-real-index

Filesize
2KB

MD5
a18082c65f4f3a5aecde75f991d5ac2e

SHA1
b27a56fb9bb9419f5dc55eccfab07fce8cac4669

SHA256
deb90a211325efe7015038d417168615af3fb0c4a9635cd2297433e4f14601dc

SHA512
dee5f232138d7d5d3c4fd0ff1da48b42f2733262e6485061888a06f66630dc8c3c1f7ec019970b9ca0b99dd76d6953b372171e4097ba12bc829d54a57373d87e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\b500f1faf61f180de1748705af17dc1a8e8ccb3b\e559cc74-44a3-40a3-8622-78183ebc22c3\index-dir\the-real-index~RFe5a2433.TMP

Filesize
48B

MD5
57962d62c7ac00280dde13eaecaf22be

SHA1
8ea921e20bb70d6862a871bfb28611c54d3029b8

SHA256
447c94bcb9a120ff875b5c0af13b2156486774f955057afe903b086df1fe9114

SHA512
07831dd311fc5175a7904f31fdab657e9490e0565b6290d729d4173042cf1e7ab4342bfa300d9e4dc0a8b28f3e8ce56189a5b5e9e0acbff09d507251760483a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\b500f1faf61f180de1748705af17dc1a8e8ccb3b\index.txt

Filesize
145B

MD5
32477d438272e00efe1c51c09dfe7852

SHA1
e02d77d53e3fa44ded434b4f60de36833ceeeb8b

SHA256
74ad42773ff192722c7861ddcfc84de09ca21f7ecc2e6c45b67208db9e14e833

SHA512
25979529e0d607e20144a2f440f0d5e090fcb12cfe68804a3dd8de6ed06573963ac1c968c906bc6a6b3ee56d4ed2b58b2c78894ea2c434a86be388cd34642fcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\b500f1faf61f180de1748705af17dc1a8e8ccb3b\index.txt~RFe5a2462.TMP

Filesize
145B

MD5
5ad2ef53eece3c0bba70afcd7c4128a4

SHA1
d5886180e57aa45f11912b413f21a5b77414f884

SHA256
bf083f9e54f38a9328607d340293b8710d03cfabf90ba0b42307716dfa36b459

SHA512
912d9bc93948f5dcc712e754cd06445a175f9b7efa267cff0ce8b01850ee0ecbbaf01af2445ded093201e258fbad0c30c514a2127f5652cb5bc606ffc3419a40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
3bc5096f7aac075befe1469f8315c0c9

SHA1
536a0264d748ff208ac3caf189cd0e2f4c7b5118

SHA256
061225c1703f3d0002aebce82b852a1deb8e547908f273a11d01d201ef4a1f26

SHA512
b6ca0c66627014766629e1754c6c9df0a524eff71c9cec8c6fe8b7cced8012bff7364f240e61110e871798612938c68b4565bb2cd5aa835c8580165e3863087a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d2a6df18-2183-4631-b31f-3c7f7490ab6a.tmp

Filesize
13KB

MD5
a8b6e9f8e51d77dc91fb2cc88c761977

SHA1
85c66b74b2f5936b4135f09d6312ca96400ab15e

SHA256
10a6cbdc946816d21584418054bdc09cb3e08fd261d2c50985906872dd84ca7b

SHA512
bde7db0d2197e869c8dd360d56eca191cb9374fc14022ee27135c59bca1023091e4185ceaf4e1e555027948bed1a02d77569c23405f009603825a180f34c5079

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
a5dbdfbef9b40b43f868c2a25dd5a252

SHA1
e19b3ba3abc41963f7ebe961fff179c03b329c39

SHA256
03695f31e051e75908a5b95ac99163f5740330481f8ff2bfb99031491d969a99

SHA512
02d1758f05c71061ba11042e2ed57c08964ab14108e2384b9c22acfb0a4296b0bfc2219d4ee256d11d0d4b0e52a18b8220314f2bb2af236ca1c7b80e18a98f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
945c0b4056a91d332ca735df58fc2f49

SHA1
c109b73abaa53630b44395176203339c37752cc7

SHA256
789756e2966b0efb36716841d77dcb1f655b06b381dc4c0816b45718eb1e358e

SHA512
a8d9b86c772e88fd9ab0cd628292418dfd580aee8840a20bb04f76c0c8337c8aeab226732e050d24c638f0a666a7273362c7a7adfe58866a3b9729c67fec6428

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
1013164b94c1adf19c55c401cfaa37d3

SHA1
088d98fc490927776c285108f68db31b195b8c3d

SHA256
55a35c28c420c270ba2de79ed220e1c3fbc201ca65af6a009d48d3490bcab95c

SHA512
55a960bd0322f8d8748f0ce75a116e4ec1033f367d72164091af618c15d91a00f90b7f4743c072b0ac49dd6ae9b73bb027220dccc29beed6fb8c8c3d7547606d

Download Submit