hxxps://pnrtscr[.]vercel[.]app/

Analysis

max time kernel
300s
max time network
292s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
19/11/2024, 13:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://pnrtscr.vercel.app/

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133764979294139503"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1624	chrome.exe
1624	chrome.exe
1624	chrome.exe
1624	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: 33	5096	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	5096	AUDIODG.EXE
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe
Token: SeShutdownPrivilege	1440	chrome.exe
Token: SeCreatePagefilePrivilege	1440	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe

Suspicious use of SendNotifyMessage 56 IoCs

pid	Process
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe
1440	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1440 wrote to memory of 1964	1440	chrome.exe	83
PID 1440 wrote to memory of 1964	1440	chrome.exe	83
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 232	1440	chrome.exe	84
PID 1440 wrote to memory of 4612	1440	chrome.exe	85
PID 1440 wrote to memory of 4612	1440	chrome.exe	85
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86
PID 1440 wrote to memory of 4116	1440	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://pnrtscr.vercel.app/
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffbe73fcc40,0x7ffbe73fcc4c,0x7ffbe73fcc58
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1876 /prefetch:2
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2148,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2216 /prefetch:3
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2276 /prefetch:8
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3180 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3148,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3208 /prefetch:1
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4516,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3884 /prefetch:8
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4756,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4768 /prefetch:8
  2⤵
  PID:1288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3568,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4924,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4416 /prefetch:1
  2⤵
  PID:4280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5320,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5304 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5436,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3320,i,6931183310034842559,14729504861767159728,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1624

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4232

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x310 0x40c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5096

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e414bd03dd118bc902e8eb3ab9de9a68

SHA1
a29946928eee36698bc95dff3795edce15f74fb6

SHA256
b5f33fb5d31bbf369099e19aa74eccb785c08b26110e19a36e2b35f8677917ca

SHA512
357606c68695d6a0acec45794281f7e7fc39de546d17ce764db614e620f196f9f3a32791b37ae2df1edfb76b7553eb50ececb6ef7975d0beba38e77f5474b9ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
950KB

MD5
8a3d0b7d3f13eb522ff90bd3744cf1f2

SHA1
2bfdd0aa0c2e1f8cbda4471df71c7247d28aedf2

SHA256
100d33fba97a81e54dd4664511505b33f2e386234ef226b00b216d4e173bc5ad

SHA512
0f309ec3a55c7743a325d12154bcd92783251fe5d0d1b2cf523c597fa578d5c5447dd92d44d9d9117963a33a3eee05377917ac051e2d15d3e82ac667ce833250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1008B

MD5
89d78c72020665c28202b35da66ee9f2

SHA1
0b6a24e82961d554928b2b4a2e8ffb54131543c6

SHA256
1f2be71a23c780fef0e2e765d193e90233df3a08f17a0162e2e411ac48ba484a

SHA512
e2122f6e833ae64e835674b563f12c89d36f136d24f687cd4ddcf075f0ba7e3ff4845739252c898cf8cf4293f2b0057ec1ac2bf7f185bf0c80510b627fd3c2cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
3bc22399d6344ea18bf7982d7ef4caab

SHA1
526ef31367c8d2c892f4d95dde2a433edd88130b

SHA256
4690af6bcfb5637752b05f56d8cf733ca67c4ef3d7d83fc0dd64f65203ac41f2

SHA512
7b55164588d9e5c5f649a1160498fc22c6db152e4fda935ccd9023e08ece62d287f2ddebe0826d12c21a1fd17839003bec72e582945abfbc5d4b0704d7f8881f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0120f5d96d39d8fb62075c27e16a3708

SHA1
9b5f93a8d9abaaeacec15108748075e46320a0cb

SHA256
8d87ad9a2d9c1e673d17f9f198d76e01ef6b1a0fd25ccf8adff5d7ccfdf709dc

SHA512
a9a4f927715ab86658277739810706a1f64461f4598c62bbbf1b42bf98130582df1b08a6facf922bc5a4e47e0d9ac2faeb7feafdf06dad5b0f294ca14c940245

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
5310ce251cb0db3ef8dfd52eaba0dc83

SHA1
e7c4ffce966100a339a6cb398a33c3881bf17803

SHA256
7cfb98baaa937a41485444865521669341cd9cdf2566fdad9391e9056d24a5e2

SHA512
7449e099c74cb46b0c1d8eaaefca8e9e1b3f98495babf7326b970b702c86cb6119f4a3fdf539e001f731cdc8c391889bbcf9fb14b0cc3a0cbcde080444d07117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
521B

MD5
74ef58b1d8db137b12afeaa71d966d66

SHA1
ed09e57ba20c65fcf0be42c9d63fb9b8bd59a695

SHA256
d9da165f71206244727dfe3e887670ba83cbf2a919e364767cbbeb68b51e3dea

SHA512
4ee3bd0f3a79d89588017db29e9ecb9022522b1ce5347a5c3443ee16ac132a160337ffd1e9c416fd27e0e2462c223ce7bc397f9796d41360b141ac1ad9e2dcb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
856B

MD5
83e5bd8bfbd6fa65665d6923f018a0d3

SHA1
39befc1dae910a37d13580c0296fcb78b09de6c2

SHA256
4aa22f3933e930de7563b3859c75c519b61b79e134c90a8c56324cb7ba412052

SHA512
0073b5dad87c29dd6422fd0a359ee38855d2a2bcfec7cc274032e486b2c820bd854330dcc2795f5b10c9f617ca4b052dab83fdf69170e036dad2e253522a8054

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
704d3158b4e46a524e2a036cd053f1ce

SHA1
1167839b6d744ce23c7e4f61c37504ae8007bcad

SHA256
deb63f4a3fc336a8f3da590238f57cd6ff3921a2e71807e204d9c921921b3894

SHA512
5df64945ca755fee11e0e2a5453ee429db068a9c06e8b728a5db3b95464871ea5a62b016bd79f450b9bd9658922b104782b57050ff36fa8ac666168c7802cb97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bd1bfc1977fcc1c750af0bcc873cb23e

SHA1
7f120dcadf364f333f89854ff8ee07fe23804f88

SHA256
2ec209b1beffa65259fcffcbeb3395593dc9a7c0de915d1b5b84a6a0617c73e9

SHA512
d8dd0373bd4737d4652640ee93363e890df5631133c73762f900f441644684852da86b1660defa70b22db43fa12a8f107e0760ceada6dadb4806dbd8085897f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bae2e45f887af99a568cf3d6f50f6ec5

SHA1
e4971371616c7a3b1e06ded93f09b132b3c44a83

SHA256
64f634c1db43097565d3068f6bedca2549cea8238d15352f9b5ed3886df8bb78

SHA512
e4a2b4b6a7ab803923fdea9fa6155cff2e69b35631b31da90bd35d01b5626f541300d4f2b45a116953425a37b1222eb7b93fe8a0cc66cf91ea88104104cb3c54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6f5a5495b7e5c51f553ca1574dda6e73

SHA1
ca17c04a46ad5d4470c83b9d44e59ceca4032853

SHA256
a0449a94ce2c87aeb295ba694f0170dbcc4595a8c73b326e289efcef1e04602a

SHA512
cff7a2d7552399266da49404431f3c5db18fb1ad6950e44aa93d785c0c76f065689372a0338bcff276629ccc13848f18a3595c1688808535a9937cedc766311c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ed5cb2b6b9f56280cdbb91e48e25164b

SHA1
4b250c37700d93c5cec3bc5110230b9917301388

SHA256
5dc65b807314c8d31f01f304f0e0d3b9616121530911b336dba694ce55249cb5

SHA512
d13ecae6b93d878a17c92c5e3882d2065eb3bcfdae8bf817bfcc543e593c23df7ee5e2501c40ee416415b512fa4451aa402749ced8f23d01643b0040b4fee0be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1583db6660e538201a9dc08f3914d0a4

SHA1
e10f0bbf46eeb303b5eca8e504487c6909485b42

SHA256
011275a0c090819878e211c30611e39570b0f00769994a3abbda1342c7ca676f

SHA512
8ccd3528b604de7381183fc8a70ddba96251da1a57475a07a0ed52242504fe0daf23d9d526b0773184a3eb686bc7dcb7b71295bd49f0ff1f596c573a7640909a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6fac495b3605ff9b43e5d84cfb673950

SHA1
adadfbc3c9444303c8fc3c9d43378c793452153b

SHA256
f326aaf0488ec47c7834d799c4e43c5929def5e061ae7b620521105e1f5a1d60

SHA512
77d91a97bd2f723ab46143dc028f004117e46726d4f117eeab2c3e83e66e696847dd98fc9ba5fdde525736323558ca53409f1e885b11d5dc88ea24621050bf0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ad3e5e1af0ecee58d5d5ab03bf8651e2

SHA1
c9ae501974c58fb83462d9db213417b8b75d6617

SHA256
0039a326c9137bc198be4fd14de90a37e1d450908e3d8a877661b94fdcf7f0cf

SHA512
34a9afe5911ea2ecad1ff2b92962b56c75189d66ae9b55e8984db93b918a1e21f463c67ae47ce76748be031d3f8f4b474c13c5e3551bde6766f792042b4eeae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
21b2e54061de40771c44dc33d84f7d32

SHA1
1956e706f3cf400c595ba76b962e938252c9e658

SHA256
aed0cd6584afd18bd6a1f3c14e5798089f15c565c1c5db45e8f4cfd2ba550073

SHA512
306f1b65a074356712c851d353314082a8f65cc8767217798db43f3cea95a28ba92d08a0350e4245251efd21844e57eecb2c956a59ea5f313efc76d3b71072da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0658be069447eedc54fc512eb19f3198

SHA1
3d78ebea3f2afb857b393177e92f555b21cfb613

SHA256
d190d3eae9477e1102925a359af4f6ba69d8d3ff00e54056416992322c06d6d5

SHA512
15d6cd7695e10408786f848c1bce05d54c7b3613896bb22e878ae8becc4928a6d63c644c9c968a98204c2cfec63385d1515575917ec92448e23516e82c7a8b1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9acbe88d3eab6e8f27dc8e6d21ffc462

SHA1
6629a8e6dc8d7fbc0991b61c0f29103950c3c052

SHA256
98b63769060d15b1d5e9232ebdd56fbac3017ddef7b18cae0a708e0455fa5395

SHA512
f202ba587ab812b9d651e71af561eb647525dd4d4c4fca61fe11df0d6bc9e56df8ebc3a991ab31cb3df843341b4fd80abfca1714c119e693a3aef517c15ab800

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0e0cd503103e0036ecece520f7a0bc38

SHA1
bb8934165f27767eeed9e99d28c45beaa5a1967f

SHA256
1f29c8009cdf67dbb947efe29f6cd13c224816df7c0315496245d60f574f0f2c

SHA512
af3a494a2c987e327d7a8364ba90a27f1d85b6170b3efa293853f64db518bc12d26542ae53a55a66604f03f4b7924970ac27f9bf60959c1ac69c15574b24f4da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4df8f12c19468c5a0c0ef784e65e80ed

SHA1
0ace74fbda55508762df492c981d76b97ee7a0dd

SHA256
6aa2b956ab3a2a7a7f39df36c7c1baa5c991ae0f8fd3060b4ea83ac81245e5e9

SHA512
95e377b3387def81ade1e70863907ecb2eb926250bef205cc4af8e51734e501f129e070a03a337f537b7a66afa6eb65d9516b1cf80ef5de86f73007da206a199

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
97eb40c05ec5e0b8b1a05ce4489de036

SHA1
7f69688a6883c1dc663f160edfbdb72475eb5768

SHA256
016610b01265f7e064ac3cc6576d3fc0b6134a9cf4afd28f2dcce6afc4304e6c

SHA512
825b7dec66788dc6e688d6009fed3748946b194e314b4d4d114b4c46db475196f68ed882312a41e925255a5722332c7895434e9069c1527bad5bd7455f0565d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a0084fab5e6d3eafabf4269ae25bdd47

SHA1
9a71009dd04540a477c2df96c27e9a835391b618

SHA256
81989a7187f4efdf26b641c2d39f3a04121a6c883c3a88cf94d44d8e1f7c419d

SHA512
c91f6531aad7fd0f9ffd58e91293afd18000cc8fec3d41cb1dbaa5f21828987b4aee8cec8bccc80c0704a6dca0a5492c4d1dd43a2691d0a283cdd2f263dcafaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
64e5012c252957dafff5f70f6a5d869c

SHA1
9377d6458b30c9c84fa716134e30925d9bee85e5

SHA256
4a0e47714aeb22248d8bd54aa72727f8a5db0fb7cbd207c8ded0d6bdfd17569d

SHA512
9bbdb3404d182eb50b988a302f128e2df419c314dc9d236a5f680b08b96aca50ea53474125b3898c3a7f638d67065385a1641fd8ccf8726316bab7b438c8670f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2f7d0b39c73bbec9cb85fbc5bde19064

SHA1
1fce496033fb1ef5f3963ef13638191cb4424cc2

SHA256
4737b723ca3e3cdf4733852cac4a212da9d230540bbf742a7f973ba9ace5c5f5

SHA512
79429d1d7987186ec9f27816e49f6ac58cc608f4f8a3d082a45609ab4022900da1c28fe7aaa74f5f65862878c0c8a22bcfe033cd2bfbff0447b365f31509b127

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
e58eef04414e7d7d5c1f69992f778eee

SHA1
ae24b1465897004e1d38f75e36a893f5dca6348f

SHA256
5021fd56486346e01e9f3756ed265c9f427c5d02a1340692507475c600d25c16

SHA512
e849411dea1cbe48c2049d2a3604ac8ee9743d3e69b9748caf4aac483dd3f5de4564046ec741ecdbf8839d45a9c28a2ebc731045702cd9185e684deab148d2be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
9affd063ef9e017c4863a2b6935801d8

SHA1
ecd522d384ada685278e5f16360a421018c3cd5c

SHA256
962c67a54807b46f66234ac945744cee18900388a05cac706f230df3abaa5a92

SHA512
d298d7c1e98a82e32dc2d4593d270035ff8ccc59690774b22144c1f72ea9ad28dcb5a3a48f105afdef0eab0bcc8d794e00c0046ed6653a1607f4e4e786ff4b3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
54e1a86f4012fc3465cd1add4391b4dd

SHA1
c273ce116de867cbe87e1a863cba9456d0de44ce

SHA256
4704adc5e9691efc65a344a82ae7cbe84a5086b4c82e8fb8a10fbf4ec98b5a84

SHA512
050ebcdff79728fd7df33e7083ae89e184e3199b7d3701657cdd65332d6c765667c0e09e39293689e11625162e084e1b2767b1bcc90ebd8f683b710a07a84921

Download Submit