04e8581de639b3c427fcf1c7fc9deb4074f30460d0c95bfef5665a00fa86744d

Analysis

max time kernel
125s
max time network
120s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
19/11/2024, 14:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

damimari.txt
Size

433KB
MD5

99e6da7a5b69264f7f53fe33af31d306
SHA1

13bb3bf3211b9198829312e3562967be9c2309bb
SHA256

04e8581de639b3c427fcf1c7fc9deb4074f30460d0c95bfef5665a00fa86744d
SHA512

b3ad371ee9686534cc706f7e50d0b2028f613637d682da804c19caaa5ef6463e8b9d93bae9efe36a547a563d096daba1653e2e434d4726aceb5ac59f661343a6
SSDEEP

3:tjt:f

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133765013914575330"	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
2344	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2748	chrome.exe
2748	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe
Token: SeShutdownPrivilege	2748	chrome.exe
Token: SeCreatePagefilePrivilege	2748	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe
2748	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2748 wrote to memory of 4508	2748	chrome.exe	108
PID 2748 wrote to memory of 4508	2748	chrome.exe	108
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 1744	2748	chrome.exe	109
PID 2748 wrote to memory of 4168	2748	chrome.exe	110
PID 2748 wrote to memory of 4168	2748	chrome.exe	110
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111
PID 2748 wrote to memory of 712	2748	chrome.exe	111

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\damimari.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:2344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff988c4cc40,0x7ff988c4cc4c,0x7ff988c4cc58
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1740,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2596 /prefetch:8
  2⤵
  PID:712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3164 /prefetch:1
  2⤵
  PID:892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3392,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4556,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4924,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4648,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4692,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5072 /prefetch:8
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4984,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5196 /prefetch:8
  2⤵
  PID:4304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4980,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3716 /prefetch:8
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5232,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3724 /prefetch:8
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5444,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5256 /prefetch:2
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5176,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4844 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5316,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5508 /prefetch:8
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4392,i,17620803364442203343,17081074859241442860,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5536 /prefetch:8
  2⤵
  PID:6056

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2228

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3244

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
817f9398b5ba0afa0a62a26a67424986

SHA1
972b71b84d4f8f700681589002b7edce23b0e0fc

SHA256
c5314537cb80184d69e2ca258c85291fe171bc6fdd515983d9ce532b2148fee1

SHA512
9fe6f6dde1cf77c48df2ab7e82e852e62c40374e922e9ea6547eff726c13e61caedf2a6408d45443b68c38514f032d40c2cbfd0488603644a29840b09e7e7511

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
35d0ca94d89af2709884f9ab06d1573a

SHA1
b0a6fc435222a3352803f412aa77b8251f4181de

SHA256
17f91882d429f3b15dfcc1d2d2753330fd8779c225b8532684ebc99437227444

SHA512
8c3907c45893b0258159b4531768bb2230eeedc50591e375a096134fc3c77729a776d6fed4e35d16ae8f88430b86dc875e195310010f165c70257161688eade7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.83.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
13b8fac632b85ff2732ea13695664a7f

SHA1
0725350a6be86d7a262aa8efbbb3a501fb23bad0

SHA256
9b54c8bc570f465d1228a7f3f7de7dddcf1532f643a71e2eef4744a991037870

SHA512
4517f9508a23b39c08d1e8073d7a7d77d7c02f4f9288c520eaed723f79c7eaef599b3a307672815bccb29c2c3796608de3ab6116cc866a41076390da0952739b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37dfdbcb1f8c8a413e0612e11111765d

SHA1
f684bbf24d0d491864184f817a4f520396e019f6

SHA256
c8922d051703c2b0b6ba3aa0cfb7897c6dbd408af3116cbc3bc015c5b5fa10fa

SHA512
a83e16ca2fefc89c8458cb0a615d1eba27bf057b1263c342852529fa05b95c23664399503eb28ecb35aaf712ab3bb35d6d66746fb13053bdad5b3e8ae8000940

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7b990bd2845780b7e73c3f817e88ba3c

SHA1
e00be2173855a21da94f61786eb9d57367fd51cb

SHA256
7507f4c0c462c2bbd2bfa29cfafbd64e6bff340855e039a0250abcbe72d2b572

SHA512
ad6ea10a2ec727f1d04bc699f1ce576fd758acd2f679ce2ddf240ec49a62ba633a2075689f37495d12aab971905d7dc846799bab73fd4315c8563b8c4c2b93a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
5b7a7d8b321d8dfbb5f325fc6d101e03

SHA1
b9d237dabd1b5051d97946ab2eca04216770eb5c

SHA256
edfda764e218905514574ab46df0e43c50b6ba22e0146951931861a8bd2d3967

SHA512
1a12db48bcc3d29ba6f0deed92acd994f1e3e32cb75f97be0f9548e379cec97bbd4dba23e3e1e47d6e12d447d3ab73dc3b7ead92e7755c7e8636cb8b605146ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3ae658e26f7b63f879a4054d9fde418d

SHA1
7686a1908685414319163ba784ca3065d58818a5

SHA256
298119176bd57987f352eaaa4a65753e20e216fc774bbcf1d44c9a83d0ce2b14

SHA512
c3a0d844dd6fab7afa87d26cd0edd43f201704304ee2aded3cf51c064ed8fa4476efdebd2c86661dba4fb08db102f138fd95f8f41068ca4560a40f8162a31b3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
af70dcf849d0863e7306de1a1e60a1de

SHA1
145de7ebe718157395441a756fdf33303f47bca8

SHA256
c32c63cf8a187ae37251c9debb7b2166e63fb2d1209bef8c18383b792709fed0

SHA512
3933af24b8ddc4887e433401aa17d95cc62a4c4bbd240f9335a5ca776f6dac18edde1b0b20909ce953d3551c1dd2232c4dd9fe9468a3deff6c55a6ca04921171

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4f14f7c42983da81f3a16ea36e528ab6

SHA1
5938b265cbccebd9b519b74b2360875cb4d85bc1

SHA256
15b56efd211e17ef0a47312641357ed488c5d69f64e9599efa3241e61a734e23

SHA512
a65e41f689b065089a1c10f15d2ebb4ae502f3a679247760beacc2d184ef401c6f16cb95347cc14b50ad78437c8cd1cf66075c4656f4a9a2f6c57be8a34d5d6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ade2f9955a21a5ea9e387b9c4b195b1d

SHA1
e554a14647972f1d970e1f0458e7f966d53475c7

SHA256
3aec8803d750b44c6cfada30d5dcb6c16f9062cbb250165db795244149fab338

SHA512
c69bbece64ecc86042f30d9c86ae848efa3a4732a004aeb5e679efe4c6215b3f22837d5542741fbd03e158cbe3711d8b75ad862bd21ebf95c56153ba9fbe4c3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
45300d76996a6329aa50750dcce477bb

SHA1
8392f70dca2f7a3afa46f8f89983441404597503

SHA256
328c37689823ff91ac99df7a2845321171a47091d72d3868bfe352c15773a45d

SHA512
42e67954fb75b42cb4d3dba61eb9111488259d70360ee8debb1216efa2ca37460924230f43c316bb04a57fcffa02a81e39f8548e9cbbb66e9b2840b8ebae2742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6a57b5d982dc7d34b5f75b8dbc9ed3ac

SHA1
0d92b425327b6e4c78d7b3493a589824d884396b

SHA256
196d7589cd3b12bf209c5292b1cdc55dade186104b413aaf4935e340d6776d50

SHA512
f84f530032738aeb8016598d6898968ab32e2052b5831bb02ddae20de64f977d6e0fac19a5f6013d5d53d3aff4c74a66f110f8383c53b59877a7607de7e32d0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5cb19c7c2fddd3b91a12c01a2f46d812

SHA1
57a53d354fb851399b039853ff4c4d6182a2ec97

SHA256
b9b40ca5a0b680b29b699637fee23d2692c50c3703ad16a42c0b22017b5eb07f

SHA512
f844df5eb05e0cfb2dbab78b91f99a98737f29958772b3c116d9ff79c97976dc433d180a0f652f780d94fd833c9728b1420ced03a1d6496a19f55c23fe3bf787

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
4fd34f29328679ffe9d4152915e04be9

SHA1
21840033b3fcb30415f4a191c7be5e527ba79129

SHA256
64f04c58ca7ac5accc45eb8f34e643e01ea997bf547d61296e4613f6941cb6fb

SHA512
a09ad3550eb6df4fb386fd010d2e246de919d8be429b7d740c66927cef836930d9d48b8940258fdf8ffbe765ce1026571c6049b5812d17956f2b6c561be2f986

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
4a6bcf98489d33dd12a09b9a2dac5400

SHA1
7a20ff7e101c65ae02913dba071a9de8066bee6d

SHA256
d687ea9afcc21760e33a57382a680a41422e76a72c57ff4e6580a3b80a1e19f4

SHA512
8d0cd3426a89e2d8dfcd211c417a6c97dfd4de4bcdc9796034179526a4ebb5bb1b382bf722097d32439d008b1df15e96a1decb7dbedcb53b3172f4c26cb42745

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
19528d9ac146c410a552555bc959380b

SHA1
d85837f30b1b7744f6ae1c28f45169e53d811403

SHA256
d2890d9305caae0621f0bab66492036927e3011ae6a5153496f4c7187d9487bb

SHA512
98acd65ba6b830e62959df64af6b2a5123d7ce66302c41fb0d6102e9b4204d0ee996f859d185543654a09c8c00c4c4dd119d52e7a642d104de571cb4da84fdc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
232KB

MD5
2a27dd1623bd534e7a9731d50def03bf

SHA1
2488dd21e9d4c49973308a08def06ce75ea32903

SHA256
c8cdcc7be226acdcd907fb3e3a0f113af4a962df391779883b0797fd0429840b

SHA512
592c120c75b5821490719f3747364a24af4bff11912c9ebd08ea2102c7944b1219f78109307082c08dfe8a7887c7079cc60c6dce479bbff4c963b4b1fd287c1d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2748_1087565515\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2748_1087565515\b58dab85-4fe2-4cb8-9d50-f451e681bc51.tmp

Filesize
132KB

MD5
da75bb05d10acc967eecaac040d3d733

SHA1
95c08e067df713af8992db113f7e9aec84f17181

SHA256
33ae9b8f06dc777bb1a65a6ba6c3f2a01b25cd1afc291426b46d1df27ea6e7e2

SHA512
56533de53872f023809a20d1ea8532cdc2260d40b05c5a7012c8e61576ff092f006a197f759c92c6b8c429eeec4bb542073b491ddcfd5b22cd4ecbe1a8a7c6ef

Download Submit