Analysis Overview
Threat Level: Known bad
The file https://bafkreieeplpko6ctmn66wb7dqlj5y5nxl3qcvcjhgeuppr75ugjh2i3eie.ipfs.flk-ipfs.xyz/ was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-27 13:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-27 13:36
Reported
2024-11-27 13:38
Platform
win10v2004-20241007-en
Max time kernel
149s
Max time network
142s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133771881893533901" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bafkreieeplpko6ctmn66wb7dqlj5y5nxl3qcvcjhgeuppr75ugjh2i3eie.ipfs.flk-ipfs.xyz/
Network
Files