hxxps://www[.]google[.]rs/url?q=258CHARtTPSJ3J3wDyycT&sa=t&esrc=URCMUFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=HARlDJVS0YXpPkDfJ6C&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/burakyaman[.]co[.]uk%2FNew%2FAuth%2FJcVd7AenmDj8iEt8Ix6t38sD/aGVsdG9uLmRpbGF5QHVjYi5jb20=

Analysis

max time kernel
146s
max time network
141s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
28-11-2024 08:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.google.rs/url?q=258CHARtTPSJ3J3wDyycT&sa=t&esrc=URCMUFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=HARlDJVS0YXpPkDfJ6C&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/burakyaman.co.uk%2FNew%2FAuth%2FJcVd7AenmDj8iEt8Ix6t38sD/aGVsdG9uLmRpbGF5QHVjYi5jb20=

Score

7^/10

microsoft discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133772554885007130"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe
1792	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe
Token: SeShutdownPrivilege	4716	chrome.exe
Token: SeCreatePagefilePrivilege	4716	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe
4716	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4716 wrote to memory of 3872	4716	chrome.exe	77
PID 4716 wrote to memory of 3872	4716	chrome.exe	77
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 1200	4716	chrome.exe	78
PID 4716 wrote to memory of 4368	4716	chrome.exe	79
PID 4716 wrote to memory of 4368	4716	chrome.exe	79
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80
PID 4716 wrote to memory of 5068	4716	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.google.rs/url?q=258CHARtTPSJ3J3wDyycT&sa=t&esrc=URCMUFgECA0xys8Em2FL&source=&cd=HXUursu8uEcr4eTiw9XH&cad=HARlDJVS0YXpPkDfJ6C&ved=xjnktlqryYWwZIBRrgvK&uact=&url=amp/burakyaman.co.uk%2FNew%2FAuth%2FJcVd7AenmDj8iEt8Ix6t38sD/aGVsdG9uLmRpbGF5QHVjYi5jb20=
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ffb1122cc40,0x7ffb1122cc4c,0x7ffb1122cc58
  2⤵
  PID:3872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1824,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1812 /prefetch:2
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1960,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2112 /prefetch:3
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3088,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4268,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4260 /prefetch:1
  2⤵
  PID:2748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4700 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=736,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5024,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5044 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3268,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3748 /prefetch:1
  2⤵
  PID:800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3712,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4236 /prefetch:1
  2⤵
  PID:232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4464,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5156,i,12551622616903316037,14394491319333361128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1792

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1392

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5072

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
8cb606402952ca63341a6b35afdcd450

SHA1
bb4d351a42cfc5f66fcd115be3405d1957d31dda

SHA256
728da0242412b6a3aa435639f74d9178f2d1b4bdcc7bac62b03c7d2e76823032

SHA512
edf062a7426429252ba88bacdc8126ec4b86ac135e3a8189dc825ab14e8e000d7f1a550a7384835bd9067c02bfc3af15f16b0c3def11d3c1082501cb2832aff8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
d517aad40a76c57230ec176499f71020

SHA1
24428ead0b7a6942934c609d9234f160d03b7845

SHA256
c220213c53cd6b56409144f1724162af946de8f19b9bbe1a489899fde876b08a

SHA512
fc4e01e0f2726086dc4d2718a5ecaf609213241eb7b0db382f493bb0024e684f30f5acee886612db3850927714ce112cb0fcfee4efba8fcde94a88fec404ec2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
ba803aab3adb7d92c2a1ed90f43b20aa

SHA1
6d11a886dff580c04d69bf8f507a6a1b807bebdb

SHA256
6065639bdd72d03dc6c50509d10dcbb16f23de9d495cf03a3394339c6f57cda0

SHA512
c4658040ee354c7d2912112d8711ea9b221779a0190934edeb35363bb515ad26474b0f49109fc908dfb4be8aa9199b937d5ac92bee81bd2280d6be31508ffbd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
a5eb58ec19aa854d41b0eb0573668181

SHA1
4968ec211567d70e87952bcf4c4f43f0eb030a9d

SHA256
2162d0d2e40337bd1ade5b3b23b6df3d9df99ded7de5745fc6da4c8eb0b2816f

SHA512
b3a36d89b5ea08ea408114455f264cbed39d04d921b054eafdd62c9f6f50f59433113ddcef88daf01e1ad07850f256b0601ceb322369fb489b13005bff1fe968

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
a0148e5ad3b58946f7d93410137949c6

SHA1
24dea660cb24f9a68a0dc720eea3e8a0175e326b

SHA256
7b09206de9a25a456849ebd741c1a58047d3a302ffeb1d9793dd920d8c1a688f

SHA512
8dfdff142ee592e45ea37518e9274d6cbd7bf422c3d83edf8e3f278a0f1fbb58f92fb28ad21d4bd1def499ca948fd59d8f64e351e7a082c5c2581a80974774c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
215467f33d49ae56d9d6b3c1cd5193fe

SHA1
43427aad4dde736b5076b142cb2855a697d943ff

SHA256
aecd8ec8c7b2753023b77efcbf3304cfb2ba18ebcb7f56ff581eed233a8caff7

SHA512
f5e642bd8e09616149bab29d7281d844a5be492564b0a0d7d076e4c693fd79128473d7bf6accc95bd5d121c12b73d263eac2b9b852abe525dd8bdc78453a8896

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
a4b7457c6377f211c53dfbbf85d81680

SHA1
87aebdf6bf00376c3b6f67ea662ea87d4b77d05f

SHA256
c50ad7759c5ae80d6f85408764ff780fe0d1e303559da3fe4e4ca94052ac61e4

SHA512
ca5167d86b1baa9dd28f820761ee52594cf4999aef34532e582787bdbd46be67fdd226771ece0bd2b294e0b85dddd6155f02020e860d8915047c42eb39144256

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
bbba5739db16fd40f34632c8d2598cc5

SHA1
3914936c440093923260c385051fc1d532e5ee2f

SHA256
a27200de47d8cfe4bd9b04254a49097d96c7ad8f76984c31357df0d6558912c6

SHA512
1311ca0fe9b5163ea19b3d15246f2cabb3ca24c62d5aff867ddf1a8b22160f9344fb077a69d4f9428393a8cedbf37dcbdaf9aed879344aa5ffdd0bac0e0d2660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
8b57a3ae80da6bf2177c96b22105405b

SHA1
4130a67081497e0d5abbb4f29826507601bca0a2

SHA256
cfb16343301ec4c41b03c2b5ff7d4792b83ff54f700d0280ed7d40afab05ed9a

SHA512
eeacb278e04c980ad1109673db7645d4f0ecf4cee5fa6ef1fd30238d34aa296eb13a86cc08774ff084c29f3ad84c74db33ff5ea4fcc304ed8bc278a99116cbe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d40fca557afa9a0ed1bd234646669b28

SHA1
d70c964ef52aa0f1b63fc96f7ed727135023e5ea

SHA256
d3a7da6e9832b3f012c1f00749616b076008f30880f7083e1e4e716af2c4d335

SHA512
c541da744ead51118cf43fe31f4c18d0b97e676aa0eec84e132618a7467a198cbce4afb40d75cd47529c0de2f3826345c6f8fb20ac335ba976d943f3f1bf59aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4c65abf9cdbde6e6316aced4d873789c

SHA1
fd86e9e407694d332aaddf13a151478a81afc3d4

SHA256
014938c0436646919b402ae433b289b75191472dc04c55a8a3d04cf19a465691

SHA512
69b13cd935713865fd889ab21c71e6d9fdf0fff4fc64998dce9b1525ad1eb53831c15a2816fd55711fe2323dfec8c07c65917c13e1dc7fe418399838b92ce658

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c91793aa49c8fcd90b9a2a86006ad496

SHA1
5bc49419788b2091cadbceadbae3971b248145d9

SHA256
5f61e197fc4b2827848ad51a061d94146080f3420635fd640bbd24922f7ab8f6

SHA512
65885b848b7901e6e4a389ff7ee628db6f9528a051df8ae2d7d6581adf75b2c3f8815f7efc8595e4aedcad716434f8c9ea6dbcc2651631aa379386a384356389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e4285445c2df32c2ce087f36f191b80e

SHA1
11e299b21ff3143036532d8114a84f8ea611b268

SHA256
514e045c5e9d609483bd1e195d90fac3b783336c53c7129bc2e0ec8402c16865

SHA512
f20d8e99378dc49a03d6d7fc6a0fba9776f0c13bfa48bb0362f7e43e39bbe7b5842d4495d3e0b8051b4493b6e7686e08e431595847af59c9d98b636604c96250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a5824bbb3e63b685bda9b78a3bf9dd08

SHA1
4d8705de1bbde63c70337bfc4682cc093b1dc212

SHA256
ece9d8d26bb73d625c712215c163458d7a8e7b6f822f164282f4359cb6eee5ff

SHA512
4da9e20faab56e546b080eb25ab1947a7743782e423d10af3571c42dd8c15c7d9f7709e5892aee0ba528dec724024630bba8bcbfb030289b6c398d1103be8ac8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
de416b3564673ce251b980543f90bb1f

SHA1
67bc76988f175de6d0c58188db957213a8f0c910

SHA256
2eacaab8fde9b189e8aa5d15f3c90d329cb1cb2dba5b0cc7261b4a141cce1388

SHA512
21b63508e34a8b80c471a71f07b501b6019cde33ad50d0a96fc85e8d209596a5fec2ff343881930c01df39cf5882bfdde16c8041301e9608a8d520ff97241091

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a42ee3b5367b53a007403d06b34993ae

SHA1
fd35a16c67a1c931beb31c27edc9990d9e961692

SHA256
29634693f3a25152dac462ba58a3f836f91e9c69d67f53204bd5810ab94c4d20

SHA512
03d884f05a64909ccee219a27b1d64e8f7a43f9e1f41944a9e3af303e2e9db21cc739b76dbdcfc226523b60f9f73b8a93c4ef01abdb039195590b290af52a402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1998abbff80ed85abf8d7b389aa89b36

SHA1
bf16e67fb4ebdd2521c4947ae81bea0af05b74ab

SHA256
65086536209b4643ac1b96c2f3907be338c962603aa1e352c48791a7758b0663

SHA512
bee94e57d5354a9f3088a94c98f662a72d708f05b6b883f96331a713fc707039d894150c71957721d22e6c78c2e0841f4de680d5a076cf6ab915e9ee8dfd38d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3eb345e4b8083ae34569e5ef02fadb04

SHA1
b29d9221c2db462fcc36a225d35746925cf1cad3

SHA256
fdf5db299d8554e95abfa71b093d0f20a8468a892ccd6e3906aeabde96e72976

SHA512
08b2f8753b6ca17abc08b2502ffb7d726253b9ced665b64ab5ef2efa0a7299e8e35d784c9ac1de6d0181639dd8c27d2f50da7faeaee369248708a1fff1b193e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2ab568dc59772fdfc5576926e44d00e4

SHA1
28e7fd6fee25036c6c1b63f75b01e78629a185c3

SHA256
91bd68f17c9dd1681260fe6ba5856726025d1f86921448198438e58580dde67e

SHA512
f1f6a39077513d9ee00a361426349b887ac26886f7e3cb89960181c1a8e3878bc76d49925c0fe8979fd8b4fbb0451c3a62e81ca65aa2e9f8ff0d5e9ae40df8f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
19e1d5aabea22746de92767c2dabfa72

SHA1
ad7710ec2fe4f65d6e9af0642fcc2027137301ba

SHA256
614c938092ba5377d76b46e48a6b562d170b76f51db8346e1fac7521eafad924

SHA512
519f34a8f341d48e88db5cb19879a7bc6270232cb4afd8ca3a0da5c386cda4dc2f5509efafe759911fa6dc6e119add3fc8c4c18aae2828687b336921b81620ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
344445296182419081b89de0a28000ff

SHA1
d88880c614ecd7cbcc147dfe85f6bf33c2189ab0

SHA256
4ed0b8f1fa0c843749e8760d03eefd20a030a5686a7876e973e5db708b9937d1

SHA512
86f8c9a41ac3bf7d956877350d16e2bc8f4638327d2bc33c4d851738eb9b63bcce37a91ec00acb50873c327158c3511b806b384b39eca6372632ca393f75a59b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
bb3199a65163d310f4bac9a813e2ba3d

SHA1
69906984579f72ee4b54b39d6e75c58b3ae77137

SHA256
3795eb7aa831b2a9ce10d4292f039b86ba21c2288df7b220b0ed03cc2fb9968d

SHA512
82ded68b3a8844a2695bc3d17091afaeed4bbb34ba5c7f0c8457d1cf3737a08df27b4a35096efe9bfab9ff87a9185f8acc7a1fc14bde0ba5fb5920fd2cdbf58a

Download Submit