Overview

overview

10

Static

static

6

AES-NI.exe

windows10-2004-x64

10

Abrechnung.exe

windows10-2004-x64

8

Box (2).exe

windows10-2004-x64

3

Box.exe

windows10-2004-x64

3

a66dde2298...43.exe

windows10-2004-x64

9

a7768f4973...e0.exe

windows10-2004-x64

10

aa7ff3bc28...1e.exe

windows10-2004-x64

7

aace43af8d...99.exe

windows10-2004-x64

8

ad3cc219a8...ws.dll

windows10-2004-x64

10

aee03626b8...b1.exe

windows10-2004-x64

6

afd3b729cf...2e.exe

windows10-2004-x64

10

b56c4569d6...ss.exe

windows10-2004-x64

3

0.84762379...67.exe

windows10-2004-x64

3

zsgblrbrum...ke.exe

windows10-2004-x64

3

b7d9f11c16...b0.exe

windows10-2004-x64

5

b8f60c64c7...af.exe

windows10-2004-x64

10

Saldo.Pdf_...__.exe

windows10-2004-x64

bc557a7bfe...8f.exe

windows10-2004-x64

7

bd2d4d4300...17.vbs

windows10-2004-x64

1

be03e43db0...5F.exe

windows10-2004-x64

10

be03e43db0...8A.exe

windows10-2004-x64

3

be514549a2...1f.exe

windows10-2004-x64

9

bfb8f7f6cb...-0.dll

windows10-2004-x64

8

bldjad.ex1.exe

windows10-2004-x64

3

bldjad.exe

windows10-2004-x64

3

bldjad2.exe

windows10-2004-x64

5

c145a26dd6...a0.exe

windows10-2004-x64

3

c325092750...db.apk

windows10-2004-x64

3

c36c46f4de...6e.exe

windows10-2004-x64

3

c3dd2e3cf0...04.exe

windows10-2004-x64

3

c71c26bf89...3_.exe

windows10-2004-x64

7

c846282987...fd.exe

windows10-2004-x64

5

Resubmissions

22-11-2024 22:54

241122-2vh7gaxmfl 10

22-11-2024 03:27

241122-dzqkcatmht 10

22-11-2024 03:16

241122-dsgc4atlgs 10

Analysis

  • max time kernel
    203s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-11-2024 22:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AES-NI.exe

  • Size

    999KB

  • MD5

    83e824c998f321a9179efc5c2cd0a118

  • SHA1

    16b84004778505afbcc1032d1325c9bed8679b79

  • SHA256

    4142ff4667f5b9986888bdcb2a727db6a767f78fe1d5d4ae3346365a1d70eb76

  • SHA512

    d1c9fdb653d6b028c16a9d82895b7f03b6f96aecc802ab5104d6a762091e71502e407feea3d3d64f19b9f7c2888b1fb2b1dd5f2909b6e29414d4e4a78b56917b

  • SSDEEP

    24576:xMhc8sFdkS6BEeL8xYSCy3vIyzlueaBLxGLJe3:Ghc8sFB6WeIYSPAyUHxGLJe3

Score
10/10
credential_accessdiscoverypersistenceprivilege_escalationransomwarestealerupx

Malware Config

Extracted

Path

C:\Users\Public\!!! READ THIS - IMPORTANT !!!.txt

Ransom Note
===============================# aes-ni ransomware #=============================== █████╗ ███████╗███████╗ ███╗ ██╗██╗ ██╔══██╗██╔════╝██╔════╝ ████╗ ██║██║ ███████║█████╗ ███████╗█████╗██╔██╗ ██║██║ ██╔══██║██╔══╝ ╚════██║╚════╝██║╚██╗██║██║ ██║ ██║███████╗███████║ ██║ ╚████║██║ ╚═╝ ╚═╝╚══════╝╚══════╝ ╚═╝ ╚═══╝╚═╝ SPECIAL VERSION: NSA EXPLOIT EDITION INTRO: If you are reading it, your server was attacked with NSA exploits. Make World Safe Again. SORRY! Your files are encrypted. File contents are encrypted with random key (AES-256 bit; ECB mode). Random key is encrypted with RSA public key (2048 bit). We STRONGLY RECOMMEND you NOT to use any "decryption tools". These tools can damage your data, making recover IMPOSSIBLE. Also we recommend you not to contact data recovery companies. They will just contact us, buy the key and sell it to you at a higher price. If you want to decrypt your files, you have to get RSA private key. In order to get private key, write here: [email protected] [email protected] [email protected] IMPORTANT: In some cases malware researchers can block our e-mails. If you did not receive any answer on e-mail in 48 hours, please do not panic and write to BitMsg (https://bitmsg.me) address: BM-2cVgoJS8HPMkjzgDMVNAGg5TG3bb1TcfhN or create topic on https://www.bleepingcomputer.com/ and we will find you there. If someone else offers you files restoring, ask him for test decryption. Only we can successfully decrypt your files; knowing this can protect you from fraud. You will receive instructions of what to do next. You MUST refer this ID in your message: GYHASOLS#F61E8FBF997FA21406F35B5B0154D7DF Also you MUST send all ".key.aes_ni_0day" files from C:\ProgramData if there are any. ===============================# aes-ni ransomware #===============================
URLs

https://bitmsg.me

https://www.bleepingcomputer.com/

Signatures

  • Renames multiple (5276) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Credentials from Password Stores: Windows Credential Manager 1 TTPs

    Suspicious access to Credentials History.

    credential_accessstealer
  • Deletes itself 1 IoCs
  • Drops desktop.ini file(s) 30 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in System32 directory 9 IoCs
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 64 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Event Triggered Execution: Netsh Helper DLL 1 TTPs 2 IoCs

    Netsh.exe (also referred to as Netshell) is a command-line scripting utility used to interact with the network configuration of a system.

    persistenceprivilege_escalation
  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Checks processor information in registry 2 TTPs 10 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 64 IoCs
  • Modifies data under HKEY_USERS 8 IoCs
  • Runs regedit.exe 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 21 IoCs
  • Suspicious use of FindShellTrayWindow 27 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AES-NI.exe
    "C:\Users\Admin\AppData\Local\Temp\AES-NI.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:4488
    • C:\Windows\SysWOW64\svchost.exe
      "C:\Windows\SysWOW64\svchost.exe"
      2⤵
      • Deletes itself
      • Drops desktop.ini file(s)
      • Drops file in System32 directory
      • Drops file in Program Files directory
      • System Location Discovery: System Language Discovery
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      PID:3436
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1448
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff92b0bcc40,0x7ff92b0bcc4c,0x7ff92b0bcc58
      2⤵
        PID:2984
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1836 /prefetch:2
        2⤵
          PID:1556
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2180,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2228 /prefetch:3
          2⤵
            PID:4280
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2280,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2468 /prefetch:8
            2⤵
              PID:4216
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
              2⤵
                PID:2292
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3284,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1
                2⤵
                  PID:4004
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4048,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3752 /prefetch:1
                  2⤵
                    PID:2752
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4836,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:8
                    2⤵
                      PID:2504
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4880,i,18254194378069585772,14315345606273405129,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4924 /prefetch:8
                      2⤵
                        PID:4640
                    • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                      "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                      1⤵
                        PID:2620
                      • C:\Windows\system32\svchost.exe
                        C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                        1⤵
                          PID:1284
                        • C:\Windows\regedit.exe
                          "C:\Windows\regedit.exe"
                          1⤵
                          • Event Triggered Execution: Netsh Helper DLL
                          • Checks processor information in registry
                          • Enumerates system info in registry
                          • Runs regedit.exe
                          • Suspicious behavior: GetForegroundWindowSpam
                          PID:3260
                        • C:\Windows\system32\NOTEPAD.EXE
                          "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Public\Desktop\!!! READ THIS - IMPORTANT !!!.txt
                          1⤵
                            PID:2572

                          Network

                          MITRE ATT&CK Enterprise v15

                          Replay Monitor

                          Loading Replay Monitor...

                          Downloads

                          • C:\$Recycle.Bin\S-1-5-21-4089630652-1596403869-279772308-1000\desktop.ini
                            Filesize

                            948B

                            MD5

                            7148b1f36bc1cb13a0c2c97ad73d6ba9

                            SHA1

                            5e3a5373b447e2638b05edc1fd8274b52db54fd7

                            SHA256

                            0fb417762742644b2da83496982449679b5673cf1489bcbbb6ea8317b55abf86

                            SHA512

                            a95e8943785902f60173e6959e675f90556d88f9645fec33e71a880111465ca67af2854e90d6db46cf332623949e90ab4d37333baced39a8cfd2a883bd3dcd33

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
                            Filesize

                            859B

                            MD5

                            930a7081bcc7b94403305592f5f8b113

                            SHA1

                            55ca0c55af1cbcebf54c94ba2ac43a626eb0faa8

                            SHA256

                            5925ae5f3c737f90b40e0e698d33a132042c1f1c994b751eeea97ba773603847

                            SHA512

                            e38976d0ed53336297dd6682a1266084eb36a3e706680ca25248c8f242298e2a97ab9c79b1404e4a2fce964171e0cab11e5dd74e270324c486b817310714601c

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
                            Filesize

                            1KB

                            MD5

                            5ca14edb78269b90d20b6d94f0627e29

                            SHA1

                            c0f35649e40be5e7674680f926e54c1d6f71e2e0

                            SHA256

                            a97c9e52727760fca12e0460eb6cd5fa4abd051d45b94de66becbf3e8f4aed89

                            SHA512

                            b7c929cb4d1bb21d1a203395b91f42b30686d4bd8ee4acd53556fb0ed3cfa6d15d734fbaf30ef71cb9228544d7057658ad67cb978b8936131cdcce9a824ae4dd

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
                            Filesize

                            649B

                            MD5

                            74ba39c56424391810eceda0603e9704

                            SHA1

                            3f3114aabf8f981dcc8228ea86b4b3f0ac3d1c26

                            SHA256

                            299d18d40699d242074f45717c0f13cea2dc0da2e13c3561b495096937e6f250

                            SHA512

                            c37f32473b51a30415268870b7ce93a9af935764696d3f6b92854087db1689043c7e614011857f86abc6fed376ac6944f039f8fc4569f1e0a1fd75865ceb126e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
                            Filesize

                            264KB

                            MD5

                            ed9d14f456c7b0a459aa45effb8f08b4

                            SHA1

                            9b65f552e410d85d1886451851cb27e721ee7716

                            SHA256

                            4d3378cf69e1c767b9076f2f7f569bcc261f1147ef87c91dcae07f587bf2232a

                            SHA512

                            a48608df682f57b058015b64dedd92b2b97ab0f23a1b7357f28e11043718f2f3b3d564ff9aeca637f5779617b9f69118574262c0101fc6c32b91dd0ab176a7ba

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
                            Filesize

                            1KB

                            MD5

                            3c89f06657175475b8674435096c0ad0

                            SHA1

                            f5f5a3ff5f71f99de57f7e74f742d5f3685514fb

                            SHA256

                            d2c41f3cd8cb7da7887c33893e457905867ad646c455dbfcd74fa5a527d52eb6

                            SHA512

                            5e9ded9c21a8a1008b4b7efe4a4672fcd1bcbbf3a528e1ad9d589a6732cf33b044fc8440ce1a76b9f90169dbf9fc67040448ee5c580bac60fdf904dd83b8fc14

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
                            Filesize

                            1KB

                            MD5

                            a35de9df82eff9a7101633d05cfc3743

                            SHA1

                            fe16253defaa7ceb7bbb8dd91b7eff063011ad8c

                            SHA256

                            04e1c531e866501d8f1f7d8c0d6bc0d18759807cd64a6d618aafae7acfbc0558

                            SHA512

                            29711ac467a9160b9fe41f1736ac0c056a735f247179d67c982b5ce2bd27d15b974b3c10a456e147e38b73c6c576da48d8bcb0df38fffe091adc090c435f486f

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
                            Filesize

                            44KB

                            MD5

                            d4851cc2df28a196fb1d98e00ea1cbda

                            SHA1

                            9c8dac168f9eb36c5d78674c4410ec7c698823ea

                            SHA256

                            df0660435a79f823c3f9c959be19f49d3ea03fe84565d130f08210814871854b

                            SHA512

                            fdfccdc6330d96594870af3839a22a1a15df151630b8b4c6c6afb0c315483c66b6191964479a6afb8fd57d7d456bde6180cb7e70698ed7ba390f5a99d374920a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
                            Filesize

                            264KB

                            MD5

                            6199976893acb84658a427869dcdd5ba

                            SHA1

                            b346f5749c087e0742ad879f3ef6ead1755e0e33

                            SHA256

                            f1e104f6b3a05de3421c7e7c6a836ba7e16f40c7c385624b8d8682c7f0410004

                            SHA512

                            ea5ff41422dde2110784705e9ed15eadb431ccf7a5be720375560192fb92d50177c7068292d95014e341dae6d5c2ba4de60a36e73d74349cb11edfe752dfa6fe

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2
                            Filesize

                            1.0MB

                            MD5

                            edfb7db274cd03b1e418cef76d221fc4

                            SHA1

                            e291a5709a44ff04ae4940afdc6a79279e26c1f1

                            SHA256

                            1ad8a95455317ae96563865b15c99aa76d077460071b9b7115095da52c17946b

                            SHA512

                            26b0e98ccaea0524bc8553ddfa29d1ec54f5b757dcdbcbeaa5d603b70ee6217a36321698ff22cdb63130de9903d062eedb6de310a131d6211a79d042d9be2afb

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3
                            Filesize

                            4.0MB

                            MD5

                            2e0faaa4b5384a0761b6060259a1f22c

                            SHA1

                            25cd3833e2185b983a5644046494ff5bed97e80c

                            SHA256

                            421070d6d8b16ae591c9f9845677555dc0b3ae313e44737810ab10d6997824da

                            SHA512

                            a93e617711f2a722c43d036556ecd904597f04afd158b2693c6178573528c44588df2aa8f5f7d7d09f45171bb6e80ae5c5d5afba921421757e590edf54310ab7

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
                            Filesize

                            1KB

                            MD5

                            fd5b3a542973b1d019e521205a13f45c

                            SHA1

                            3becef18fea70b00fba396765201ff2b8991899d

                            SHA256

                            d1b6fd19441c901135faa45b0b815434eaf7d2b1381f11a77226c766a8ab1187

                            SHA512

                            b34d854396f54135fe86adb544933f4b4313ef11dfb9298b52783fcb18fa549713c9e0ae2418405530387969368d2ac80332e9be2c76eab3993cd9fd4d66f11d

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                            Filesize

                            20KB

                            MD5

                            1761e3da3953d5aa332a1ce04383e235

                            SHA1

                            32a05b812a5aad04fb88c94ec2340e115cb7b6b2

                            SHA256

                            0a348da2637f76077c949a0c659b4761d99366c3ba13b0fca7c4f1536245575e

                            SHA512

                            fa300da4df7dcafaf7cd641985ac1f51174ed13e447c66881c67e64a2ceb194804320141d56beecfcc103638a9cb0d8c345070f619996b914ca5b6d063d92e49

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                            Filesize

                            1KB

                            MD5

                            786c558788e6671b273bd7c6ca866a35

                            SHA1

                            924b9fa9172bb572b0d9b984a8760778fcdb5dd8

                            SHA256

                            cce0ed2fdd26498814dbeb22bdffd9e07bfb084bb42fc94b33d6223792fadaf8

                            SHA512

                            103731e03afdd576f18c6fb1d269770dd53ef0b7e2f171d3dd63fc3900edf748bf8f5d594cfa996739b462ddf9f7a0f59d6cce5d13e96c2ce543c544de95bcee

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                            Filesize

                            2KB

                            MD5

                            9c97297575ef9a81b28b0cbd24d5ac7d

                            SHA1

                            f0f3b0f024ec954b23f44f70c438fc4d26db7100

                            SHA256

                            c4c0022275e68ba410803a2a80df7f04fb78b712e56f3f3b44c1be8106cad655

                            SHA512

                            00eeac217335baacede5c878647f7240541f264e14bf8162d457b5bd7aab9f4a062c9ded21cc2223e4317535b27c0b6a324d27f9ca6692299836aada077a52da

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL
                            Filesize

                            36KB

                            MD5

                            972cf964ab9d897959ce7d0ba84c4c97

                            SHA1

                            5da2fd8ddcb437ce6ed1c5a73b787c6202a98851

                            SHA256

                            fd7c0be7a823ef114da4b2f4fa25cadd34a8745cd8d643cfbf35919bb654b0d6

                            SHA512

                            9cb891baa6cb9a0cbd774f58f7383d5e836d95d27f3447bcc527ce40d335db5c11967a73ea808e20eec4dcad03fa3cb3fac7804c950be7df35807f9ce5b880b8

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                            Filesize

                            2B

                            MD5

                            d751713988987e9331980363e24189ce

                            SHA1

                            97d170e1550eee4afc0af065b78cda302a97674c

                            SHA256

                            4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                            SHA512

                            b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                            Filesize

                            356B

                            MD5

                            ce263be4d951717a11bd2b9fa5b7d71e

                            SHA1

                            622c94d4d669149461a61395d1219d1e7bc46a2b

                            SHA256

                            37d5fec9e3eb5569c4e67e8e66f3c83cf2b6c08a87dc638480cdececf02c40d7

                            SHA512

                            7737a9c919459a72f0f88d7fa0579a65c69a40fc8f1436ba12821501e1bd866b5b1207ece2d411919fa73aef0e548d58e37328b80d30787638673cd71b0df546

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                            Filesize

                            1KB

                            MD5

                            ea96ba98f5187e1c1d04be0136c16dfa

                            SHA1

                            d3e89241e3424bc2991c252b768b3d7c9ae01690

                            SHA256

                            bae4eca7823acb342b8782dcfe0687e25a441b060ed749bf74110a06efd56d16

                            SHA512

                            c625b9792390d2eeabdeb67c214bb498b3900ceb9049b61f526f9f87727b1660d0bf7679ed1c37e8571919ffe5b6f6767cb1116af3f2eb72c7d91af756258d8f

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                            Filesize

                            9KB

                            MD5

                            8ed3a288461216d5cc62dfc6c1a75e8c

                            SHA1

                            614fde314adf21b48c23b32010531ff945ba7106

                            SHA256

                            065f08442002d3a433b47e8b9ac0fe386f26235d07e9801f8081b6ed241bba73

                            SHA512

                            09305e15faebfb122bf3e6c4039f360721f759a912220f810478f3f04ea05d0242c964d8f3c8d37ec021faa977cac0c156e6f55879c4a547f2be4a22cde75ae5

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                            Filesize

                            10KB

                            MD5

                            18c61714ffca60677ba1e1ab85a0c72e

                            SHA1

                            0c0371b8185f3fbab5951784fbee6a7dfe51ef80

                            SHA256

                            15855254b57a146a0c09ad678cbbff0c00fae54d5340061d1d60eeb8d9360695

                            SHA512

                            8696188d6b1ca0c27aa9836f7d452bc51ddf605b3bf401cab55f7211f76fb84a966bff34d5bd618a54af79ab83ee2175b9eed68c1353adccb006db1f40badfc2

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                            Filesize

                            15KB

                            MD5

                            c01d55b0d079730cba5dcbcee4e24702

                            SHA1

                            bf6ad935c45918d4269f497e875ba6d1795ed5b1

                            SHA256

                            a6bb7fbcc559f3b1f68ce5821777451dcbd7d81037afa7acf5820b1f812233d7

                            SHA512

                            f65dc2dafdf93dee6c3600eef345e196c43e2a12e009ca4f0d5ed0b7cec984bcf91943b20c68961b583aad4572b0c78bce7c9a8b580fe8e3a1a9b9ef6ffd207c

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                            Filesize

                            16KB

                            MD5

                            2a55dc3c2b6bf639f6ee044d46d95ce1

                            SHA1

                            6a033e2f84b7315a657d89722b9c4fd206bbde33

                            SHA256

                            951fda715cbac1c7a78332849e741464e81ca2361ee93b39f006e19bb1b6a554

                            SHA512

                            52345c6a1dbf47135ef3dea872ef04da13feacdd2c8d9bafaeb8a26dca4093282078d585b8d635827e8c7a2a4f8fcfbff757c5fffb1ec5748e1479d3eebe8dd8

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
                            Filesize

                            1KB

                            MD5

                            37da1a52f09a4bd87a95cbe282a771cd

                            SHA1

                            ab47fb756995476db181a928b2e33eafc90e60d5

                            SHA256

                            f5f68d4a4727632fd7798a83f06c7d9b53a590be7f83317a18ae15759219570a

                            SHA512

                            3ead959f5f25715c496710225b2ea545f50f66281615f4aecc1d46c5a3453a52f3bd1c04930172c983461896fdee4e99d3a1b148e8e56bcad516e8aab5a804da

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
                            Filesize

                            1KB

                            MD5

                            c504f8871f32246fd5fe3cda50e31181

                            SHA1

                            56df34dc024316e934d7e4b5df8683a336c4c255

                            SHA256

                            18f0a114f2a63440e857572e714b3b91b184d458ace51e3dc944d643257baaa5

                            SHA512

                            725c70593b05cc77b8f0ed9886751e18f638c4a1de7609005e0e3b0483df158eef1a81e48d4c336ce3c9d566d33ef8a1c8cfdbb5b59521a6f7e56bc2bcbce998

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13376789705994808
                            Filesize

                            3KB

                            MD5

                            373709aa679a3cf0d9b76f950f9bd7c5

                            SHA1

                            303b1ff00d34ae7df9c6519989d64db2c9fe71f4

                            SHA256

                            844e88e0836146f9fc9886c0f6dedf9cd4870d7a53e1210dee32b53b49007875

                            SHA512

                            5035e5b20ec737f3394a3d84859b9a412e6dbe9d1685d90e56bd6476b3a36cdfbc1b6af6ecc535cc0c132043fd8160827a634271ec53609fe4c7acbf6fe96588

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
                            Filesize

                            1KB

                            MD5

                            52d9189a369d62c03af2de61a01d7329

                            SHA1

                            d027d7cc76bf72ceee81c9b1a43aeb3b24ea0378

                            SHA256

                            f268032b7cf249d4bf68fb91ef3a5526c6a1923057c617e82e048ee1ba2e362c

                            SHA512

                            0861d7e63fa2c83245f5095062cb346aeaa7f7280c5fe0e5e41ca8f6ec2b8416b7e3a33454244b52507b8db5d81897b1b6f44df752110f8ee1240f9805d9d8cb

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
                            Filesize

                            1KB

                            MD5

                            6938f3c2308852f41cf4adc19a605754

                            SHA1

                            c8c91a37dfcff34fd3d45fc98a013e6ea2a08d40

                            SHA256

                            6aa95b191151de149a5ca42e6ac14353636844eb9475c25dffae01ecf3586b3a

                            SHA512

                            635b96010055e59b7645e68d72859c99c7f4f649e01c1df067ebc112ce8db0abb297f78342bc75694959836d050cf3c95593a3b106f38829ee6f74e6bae7f5fa

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager
                            Filesize

                            40KB

                            MD5

                            cefa092d1ca979fda16607a0f259fc09

                            SHA1

                            29b636134b58715370774ae44ec1de0783727dde

                            SHA256

                            daae4de02622629d05e7ba5721ea212672fc9a8e4cabb90ab01ec6f5b03b8ae8

                            SHA512

                            f4a9aa91e71ceaeebb91999c2b9e108a4e008086135cea14a19b18f38cce7d5fbfb8e33d1a8a7c1e8e37681337301c239f36b61d714c82caada511728562b01c

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
                            Filesize

                            1KB

                            MD5

                            b8f7cda985ccb2a0d39b94889ec532b7

                            SHA1

                            629a164de036e2a42c91cc0455bcb9b29e8198c2

                            SHA256

                            b295dadd5230da7b92251586e993366f2cf528a2c5d46d3e3998a9fe3fadad27

                            SHA512

                            bece351604d1e90fed350f7baccd4facc25be4c506131a9ad0fc73b217e02bec1c9a45474bff4be289e502213f21f8e1163e920c4ae754d3277e407ccab721a8

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
                            Filesize

                            1KB

                            MD5

                            60a392689a92d166a95a0b69cc046e6a

                            SHA1

                            a3e120e245d7e32d5aa218c30925331945ee4ce0

                            SHA256

                            8bb58fe6dd4979ea6d069f2f375a00eb73a114a9e5e5ab0d2748faff41ef0ae3

                            SHA512

                            c1d72ae9cfb3dfb5db8b77cae30a08d6a44a8276c7dce455ac2a26ac8f6c070966f4496e4da6672f8f0cd6c843d5cdb6b7c740336866ec784fb12bf663f4f5c6

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
                            Filesize

                            44KB

                            MD5

                            32102db0d48f950b023828d0e12b3393

                            SHA1

                            3d4d370b2e4beca953c11a5ddc71c0dc8cca5f49

                            SHA256

                            36d6a76a9b6e285f9c24d0c07576e8142bc3cfb143d30c8cac225f17529f5087

                            SHA512

                            d007cc30952971f9fd1f80ba46acaad008a7ab3afe31f830c359aa3aad56da81bb36917bb415c9d22d533587406fcce6193d567f7a7779171cf9b9a0954fb2db

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
                            Filesize

                            264KB

                            MD5

                            a2b99f58be432967fd562c2d4fb74fda

                            SHA1

                            924f2092a6d63f7972f41686acc48846cc888ca5

                            SHA256

                            32b2e1ec41bf092ebaffda1a024bd0045e59de52e79ea0f563e4a1a2b23f1cf7

                            SHA512

                            273aee3975cf0ef720b5db4a2393d522ab0f45f45b46add69d6ae64e2881524da8e8055cf0d0a5d1e9938424bd6730a35137d0a0c72ff3c8653a36a052f46955

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
                            Filesize

                            4.0MB

                            MD5

                            f9e43691c768dcb5c3c3937570040cff

                            SHA1

                            61787e476c7d1a7266ace274d7447b5bc7a46816

                            SHA256

                            a365e6d6c760db67acc7b7d04e8eb40ad9089ca879a2a0b0bab5f07c97055ca7

                            SHA512

                            5ee99e5296b2b70e342f2046d85ef13a65df6c90c1909ca08830e6b19414fef3e590fea9f5637b5de7359f386f90a7f133a69a82fd6d31690f2a91d381edd0e3

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GraphiteDawnCache\data_1
                            Filesize

                            264KB

                            MD5

                            0db43dccbe22897934d6cd085b9bdf23

                            SHA1

                            9c705e3a7e3e4f5e456e9df1fe84aa40eafd387f

                            SHA256

                            3c6500854a4eccb7dfcce8a5058a66caaacd0f5768dca61650f315ca41bda771

                            SHA512

                            b1bd37dc2e1e337e7e1df658df05109b5fae512562e2bfea7e5175a2d742c951a08194d270f2ed3cc3b9c0783dbcebcb20df686f73e0d85785b161864040dcd8

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
                            Filesize

                            925B

                            MD5

                            ef6204d1c447519357b5fd217f782a07

                            SHA1

                            37dcb24929c9c70f2f371cb7cb0b01ef0c9dc24d

                            SHA256

                            d6b16c80dd78cfb5aa746108adad85f1f33459ece1d9c05657bb919b445328aa

                            SHA512

                            14608a36cfca745fca5a7b2f178aba65d52c991af1653e67a0492684943a05d4beb6da1d703c903b8f31548ac314c3040ff3bfe4a1e6329abe63d111e93c7e08

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
                            Filesize

                            14B

                            MD5

                            ef48733031b712ca7027624fff3ab208

                            SHA1

                            da4f3812e6afc4b90d2185f4709dfbb6b47714fa

                            SHA256

                            c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

                            SHA512

                            ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                            Filesize

                            234KB

                            MD5

                            67504afafefd8527ce0f0c5afb9dd486

                            SHA1

                            0b317a82fc4014237674752bca0bf7ef780c0dcf

                            SHA256

                            360d8a39f31d73ed4f8400e1649af9ac92340a34793a7c7aeef02bd79e0a4d05

                            SHA512

                            980ef467fc639d584a90e6856818c01e5b31d0c276a3fa4683f02d0133ba5703bfc0be86f4022618f5567a9c5fa1efec68e8ead06519259cd466579c3f2db868

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                            Filesize

                            235KB

                            MD5

                            024c920ca941a5b0d794bf6bf5d3f481

                            SHA1

                            2a157198c2e219983f3aabc2e124a50c6a9a6968

                            SHA256

                            a2e0b0a7063442f9ebbb3367d2d193edbbeb02fd1ce6034eb3f7b12fd91d0251

                            SHA512

                            e6b52106ded6935963b0ae12f019c4ce2a9692daedc3e2b321326276bfa8fb8b9be813d13cc6749c550ef6490a15831eced705e47488f6038c1f14abb717de36

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                            Filesize

                            264KB

                            MD5

                            f50f89a0a91564d0b8a211f8921aa7de

                            SHA1

                            112403a17dd69d5b9018b8cede023cb3b54eab7d

                            SHA256

                            b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                            SHA512

                            bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                            Filesize

                            264KB

                            MD5

                            16bdb5cd3222e70d3dc8223d20fca109

                            SHA1

                            71de75edd74b204a1ee5377d5719cb8ad72fc843

                            SHA256

                            9c70b466720c6fc1f070645b969b9c9c66b7d7abeee9575ef2f0666512ae51d4

                            SHA512

                            72e90914cf4c70860a31c2cb86cd5f3f2924eea3fffd44c3171131749c81b6fdd692720b26268e322dc9e24f2d40458d55caf64409a000b6619d799ac61a183a

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
                            Filesize

                            904B

                            MD5

                            bded23322341bd09f87dd22f01567ca1

                            SHA1

                            c36dbe60efb0d0de39d84135e7ee1332a25fcb07

                            SHA256

                            46a620e0967cda45a21ad6682310d4bb85df4dd73a4516259e316be14caf35f7

                            SHA512

                            6d8e17b7ec02b9ab6b96768302970c137b1272059fccb6956d1567f1d365e3e8ba1c68b18b2f11332aabd715e408750fef5dfefc67a84471007341c48ce4fd10

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db
                            Filesize

                            48KB

                            MD5

                            24981129047fabba60eb9ff14480a7f8

                            SHA1

                            8385e8257ab3e09b877493ca35fc67871474d8c8

                            SHA256

                            5c955a1fc712aacb226c173b5d30210e241ae1c3fbef80cf31625357e64aa5f9

                            SHA512

                            39d3f5848d1ef4023403dd01937a6ab92df82eaccb062ff1bbc80110fd47a1852ddd6a3223b401f71e1d1e3af80d2c708e97c10546817548bd0a69d6f3f1571e

                            Download Submit

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\first_party_sets.db-journal
                            MD5

                            d41d8cd98f00b204e9800998ecf8427e

                            SHA1

                            da39a3ee5e6b4b0d3255bfef95601890afd80709

                            SHA256

                            e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                            SHA512

                            cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                            Download Submit

                          • C:\Users\Public\!!! READ THIS - IMPORTANT !!!.txt
                            Filesize

                            2KB

                            MD5

                            1ad9f49d132a3a0cb8d72f528d8027c9

                            SHA1

                            9067822f3059f2e4a4f634ddce2d14c0adbc14b4

                            SHA256

                            9830ae9d40a9a2d223cb570a8ea8496656bb063c98f64311001e05bb15507e10

                            SHA512

                            f3178e8cad45fc9122606b3000d0d41d7fd8deebf5001d66f1fe2323772e1c258f1c2613c62c86c2b20746e26bfd610f51cea7de947b3ace631153fe15df98db

                            Download Submit

                          • memory/3436-190-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-6-0x0000000004E00000-0x0000000004FC3000-memory.dmp

                            Filesize

                            1.8MB

                            Download

                          • memory/3436-5-0x0000000004E00000-0x0000000004FC3000-memory.dmp

                            Filesize

                            1.8MB

                            Download

                          • memory/3436-14-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-15-0x0000000004E00000-0x0000000004FC3000-memory.dmp

                            Filesize

                            1.8MB

                            Download

                          • memory/3436-0-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-142-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-151-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-4-0x0000000004E00000-0x0000000004FC3000-memory.dmp

                            Filesize

                            1.8MB

                            Download

                          • memory/3436-2-0x0000000004E00000-0x0000000004FC3000-memory.dmp

                            Filesize

                            1.8MB

                            Download

                          • memory/3436-3-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-25721-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download

                          • memory/3436-1-0x0000000001910000-0x0000000001A0E000-memory.dmp

                            Filesize

                            1016KB

                            Download