606e9a38a5a45e7600ea455b26e5416cdc94abcedf9f6fee9244ff14ab5d15b0

Analysis

max time kernel
28s
max time network
30s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
22-11-2024 07:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Secured Audlo_bamcard.ba_7233203485.html
Size

6KB
MD5

96f45df8c5c31c187b8873a83eaccb3d
SHA1

d287f5a2b851776335cab6ef6d8586fc321eaabe
SHA256

606e9a38a5a45e7600ea455b26e5416cdc94abcedf9f6fee9244ff14ab5d15b0
SHA512

a98e2ae5c489f45f7525e5fcfa47377802dfab3b4947581f79ea05411268e261777c738f7b5549a32d9b2b47dbead1c284edf0e6ea9337f3b245f05f1c7f22fe
SSDEEP

48:z+I2RWZYvq7+CCEYE8kh6BGz22zjMYcLEYszRYLVOSss1vAnYlztYfe2/Kz6fI2n:KI2WZ+SM+HtLMd5wT

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft
Drops file in Windows directory 1 IoCs

Processes:

chrome.exe

description ioc process

File opened for modification C:\Windows\SystemTemp chrome.exe
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

description	ioc	process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133767355580733809"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

3996 chrome.exe
3996 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs

Processes:

chrome.exe

pid	process
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe

Suspicious use of AdjustPrivilegeToken 56 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe
Token: SeShutdownPrivilege	3996	chrome.exe
Token: SeCreatePagefilePrivilege	3996	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

Processes:

chrome.exe

pid	process
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

Processes:

chrome.exe

pid	process
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe
3996	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3996 wrote to memory of 2844	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 2844	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 4988	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 1052	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 1052	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe
PID 3996 wrote to memory of 3576	3996	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Secured Audlo_bamcard.ba_7233203485.html
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffea042cc40,0x7ffea042cc4c,0x7ffea042cc58
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1752,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1720 /prefetch:2
  2⤵
  PID:4988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2132,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2320 /prefetch:8
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3060,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3068 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4252,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3500 /prefetch:1
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3076,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4532,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4796,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:8
  2⤵
  PID:2280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5000,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4904 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3052,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3260,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3200,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4648,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5184 /prefetch:1
  2⤵
  PID:3200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4624,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4612 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5284,i,5507670108034600544,11571969577702181864,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:4068

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1684

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4172

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c99db83bac34e07e0f7ffaaad1160657

SHA1
88ced6d9c019947dca4780935861734b5a01fe88

SHA256
794bb97713c4d0b256f1ea8a2cf112bc6dc26c788f73a05c5e1ed4f5b934ca24

SHA512
faf70526619e024d1f28272fe5b66e90bb2a273e243f4218ee46cc55e9709dc636123f75aa6ee57280b925b1066cdacb5f3ed01a3e1c6880a3eb834ddd81efdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
561f57e1f6721f2b29f0e0db8c39c02d

SHA1
fcf87a4efd7ffdaef000b40b73e7c4b265240329

SHA256
1b7944cc0e8e9ba22cfa234e59809618b587cfdd60f35458fdb7089202eb3f58

SHA512
3fe704a36dbb5f169927cdf90df250b6d60128b2f05e2308b22b46d8b4c6812e4ab93233c7246def2e1367e668a1f4d0dcc9b8fb0db39614a6c201979cd9d8b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
2b4ec060d10b0f2c55e9cacdd7b19b38

SHA1
3a9421c8ed67b29ce6fcfad39d6e7869770113e1

SHA256
1c039cf8c7c60b49c371fbca5c6e2e3255173233675f2a6dd46ca3fed09f3fe3

SHA512
f5778998d82438c0049d9f83d6808b99db251d9739261bdae8cf3e8d5bbd3cab9a01477cc31b64ba049bf1047ef1ecc2a6fb17713e1d8cf16e275d33f0aefe62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
cea4e9353128a54dfdb7195b5cff4595

SHA1
86ba5199c0fe39ad086ffd32d0453fdcefe7c82a

SHA256
9514c881c1aa7ecc765c55ca79916911fe6feba95383ddc40d204187793e10c5

SHA512
e428c3979c600b13a6c7313c2fad439ab84f860903f6af34a0e7882a6b98bc1b7536ad25dcbb598b51ec25e7bee12c251f774831147a85477e988fd51f42314a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ca55e87807be954513031f75c53ab5f9

SHA1
360a73204a685f6410a7993b0e398977479d5633

SHA256
935546ea49fe63fec26f7c8efa3a6ab4131132d84047374e73b960527fdc9e3a

SHA512
ccbd8ba3d99b89bdfdbb6c3ff67bed50739d1dc7ce753da7d7e488c13d7977233e8047f0531e89fd150f9d52d5ed6cfe2d735bd6cce5bd20ed6854a81e4dff16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1020B

MD5
8f2a93f849a20c72a8165695acdb16c0

SHA1
e7bca49646393a01e1faefd0abeedbb0348c4966

SHA256
592393634a2b0515b1396c5e7e105a5e913e1e15741e3a98b1b77888ba6a661b

SHA512
a0fcac6412ac8380fd6ab33438325ec4b2048ca4cb0efa40fb4ca8530109b006747e2079cc2ad5928bff27a6d0b07a5ced13d0c621a634af9b696c5ee363e954

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d6a04bdbcaf6f7bb406106b7acf0fa34

SHA1
5b7ea889e04157e826027d375ef33b3d09f65dc3

SHA256
0624fc5cccf9f9af1f4c7abbc81d122773814737298f0293172b036f6998e11f

SHA512
a3b9092b71d8633a79cba6833667b9a7051960fa034f4b2422c6c261c24dc239f1aa7efc77f5850ae96af36186d450942971283af01d17064d53f13713a3913e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0722c74fa61d5c42bf4030c44aa56dc4

SHA1
36d5347a0ea2d1345b565a3d1357658ab948c39f

SHA256
9961aaf2f80008d127d5c478e8a682c46c6de46591202c787d797171faeb5e4f

SHA512
076d9ff68a870731860dd13136d111be3f235ff29e3dbab23cde34dec721aece76dab3bd920a38cd4b44b95437bb7c931be8d90c1195f16e9355c5e762b3faf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ae8a4f6be0212df50d29849a4eb34c5a

SHA1
071172df7cdaddb77d8dcde78dddff12ac673de8

SHA256
a5c45cb95dcbcbac890c2b3516e335c04bde06bd165ed66bb0c3ade0e3667849

SHA512
7cde6f8eac84c4dfb40bcdf167a198561e525f6ee75b41996e54d3bd119bdd7f5c6119b4ea9813f0e3d43f78b7207270adfde247cef31f16a2b2d1fd078a7020

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
78c9ee152e0ff0fef69df4254ab43ee7

SHA1
d923bce0a97784b39c55bd66cedc2e07254a8a55

SHA256
69a9b6cb192ba49016e3f32dd274ed4e02ec87cea41eb91602bb87d1c40598ea

SHA512
20076f5c7142d769bf01acba7a8f142091e20630f144f3bc26616451fe6324af403e6dba39fccaf6ecd43b56be573c5f5c06e864dff8e58fd55541ad2182558d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
aba026d651ee97d41279108c3d03eba4

SHA1
9c1288d467d15a7b2b94215bfae1f0980a9366e4

SHA256
ee732262ce079599ee643861b0c459a51d9f1ab19b34adafe32f839070a05842

SHA512
cd196e99545c288544928cc01801601b30a99046ad33858c62e5f91dc6db2702cda6706b813086bbbd6114e5c4abcb0f8d2bf132d81ac2045613b3dc9233e1af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
\??\pipe\crashpad_3996_GFKYXDRCBRRRFFCM

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit