Analysis Overview
Threat Level: Known bad
The URL https://roblojx.com/users/1853428327/profile was found to be: Known bad.
Reading note: every behavioural signature below fired on the sandbox's own chrome.exe while it rendered the URL, and the process list is Chrome's ordinary multi-process tree (browser, crashpad handler, GPU, network/storage/metrics utilities, renderers, elevation service) plus one Windows service host. No payload is dropped and no non-browser executable is written. The indicator of interest is the domain itself: roblojx.com differs from roblox.com by a single character, and the page it serves pulls in Roblox's own CDN, Arkose Labs and Google resources.
Malicious Activity Summary
Drops file in Windows directory
Browser Information Discovery
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-30 18:30
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-30 18:30
Reported
2024-11-30 18:49
Platform
win11-20241007-en
Max time kernel
599s
Max time network
591s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133774655753487077" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://roblojx.com/users/1853428327/profile
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xd8,0x10c,0x7fff2c54cc40,0x7fff2c54cc4c,0x7fff2c54cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1800,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1792 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2072,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2112 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1220,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2164 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3080,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3252 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4512,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4480 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4520,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4592 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4564,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4388 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5272,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=212,i,4434968965815165655,16005969634767251744,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5376 /prefetch:8
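When triaging a browser detonation like the one above, the first question is which processes are the harness's own Chrome helpers and which are not, and which helpers run with an explicit sandbox opt-out on their command line. The following Python is an added example written for this page (not part of the report or of any sandbox vendor's tooling); it parses a constructed, shortened subset of the command lines listed above (the quoted `--simulate-outdated-no-au='...'` value is omitted because the tokenizer only handles double quotes), separates browser, helper and non-browser images, and flags helpers launched with `--service-sandbox-type=none`, `--disable-gpu-sandbox` or `--no-sandbox`. The labels only reflect what the command line says; a "helper" with no opt-out flag is not proven to be sandboxed.

```python
import re
from collections import Counter

# Constructed subset of the command lines shown in the Processes section above,
# trimmed to the flags that matter for this triage so the example runs offline.
PROCESS_CMDLINES = [
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --single-argument https://roblojx.com/users/1853428327/profile',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --url=https://clients2.google.com/cr/report',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --mojo-platform-channel-handle=1792 /prefetch:2',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear /prefetch:3',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear /prefetch:8',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --renderer-client-id=6 /prefetch:1',
    r'"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear /prefetch:8',
    r'C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc',
    r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --no-appcompat-clear /prefetch:8',
]

BROWSER_IMAGE = "chrome.exe"  # assumption: the detonation harness is Chrome, as in this report

# A token is either a double-quoted run (may contain spaces, e.g. the
# --user-data-dir path) or a run of non-space characters.
_TOKEN = re.compile(r'"([^"]*)"|(\S+)')
_FLAG = re.compile(r'^--([A-Za-z0-9-]+)(?:=(.*))?$')


def tokenize(cmdline):
    """Split a Windows command line on spaces, honouring double quotes."""
    return [m.group(1) if m.group(1) is not None else m.group(2)
            for m in _TOKEN.finditer(cmdline)]


def parse_process(cmdline):
    """Return image path, --flag[=value] map and the remaining positional tokens."""
    tokens = tokenize(cmdline)
    flags, positional = {}, []
    for tok in tokens[1:]:
        m = _FLAG.match(tok)
        if m:
            flags[m.group(1)] = m.group(2) if m.group(2) is not None else True
        else:
            positional.append(tok)
    return {"image": tokens[0], "flags": flags, "positional": positional}


def classify(proc):
    """Label a parsed process from its command line alone."""
    name = proc["image"].rsplit("\\", 1)[-1].lower()
    flags = proc["flags"]
    if name != BROWSER_IMAGE:
        return "non-browser"          # anything that is not the harness binary
    ptype = flags.get("type")
    if ptype is None:
        return "browser"              # the top-level process that owns the URL
    role = flags.get("utility-sub-type") or ptype
    if ("no-sandbox" in flags or "disable-gpu-sandbox" in flags
            or flags.get("service-sandbox-type") == "none"):
        return "sandbox-disabled:" + role
    return "helper:" + role           # no explicit opt-out seen; not proof of a sandbox


def triage(cmdlines):
    rows = []
    for cmd in cmdlines:
        proc = parse_process(cmd)
        proc["label"] = classify(proc)
        rows.append(proc)
    return rows


def summarize(rows):
    return Counter(r["label"] for r in rows)


def detonated_url(rows):
    """The URL handed to the browser process via --single-argument."""
    for r in rows:
        if r["label"] == "browser" and "single-argument" in r["flags"]:
            for tok in r["positional"]:
                if tok.startswith("http"):
                    return tok
    return None


if __name__ == "__main__":
    parsed = triage(PROCESS_CMDLINES)
    print("detonated:", detonated_url(parsed))
    for label, n in sorted(summarize(parsed).items()):
        print(f"{n:2d}  {label}")
```

On the listing above this yields two non-browser images (elevation_service.exe and the NgcSvc svchost), the browser process carrying the roblojx.com URL, and three helpers with an explicit sandbox opt-out (the network service, the ProcessorMetrics utility and the second GPU process), all of which are normal for a Chrome launch of this version and none of which is a dropped binary.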
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | roblojx.com | udp |
| US | 104.21.24.3:443 | roblojx.com | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| NL | 18.239.50.67:443 | roblox-api.arkoselabs.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| GB | 2.20.12.77:443 | tr.rbxcdn.com | tcp |
| GB | 88.221.134.25:443 | static.rbxcdn.com | tcp |
| GB | 88.221.134.25:443 | static.rbxcdn.com | tcp |
| GB | 88.221.135.232:443 | images.rbxcdn.com | tcp |
| US | 104.21.24.3:443 | roblojx.com | udp |
| NL | 18.239.50.67:443 | roblox-api.arkoselabs.com | udp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 105.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| GB | 142.250.179.232:443 | ssl.google-analytics.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | tcp |
| GB | 172.217.169.1:443 | ep2.adtrafficquality.google | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | tcp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | tcp |
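Most of the rows in the Network table are the resolver, Roblox's CDN, Arkose Labs and Google telemetry that any page built from Roblox assets would generate; the one connection worth extracting as an indicator is the TCP session to the lookalike domain. The Python below is an added example written for this page, not tooling from the report's vendor. It parses a constructed subset of the table rows above, collapses each host to a registrable domain (last two labels; a real tool should use the Public Suffix List), discards reverse-DNS and multicast rows, treats an analyst-supplied allowlist of brand and infrastructure domains as noise (that allowlist is an assumption, not something the report states), and flags any remaining domain within Levenshtein distance 2 of a watched brand, keeping only non-DNS connections as IOCs.

```python
# Constructed subset of the Network table rows shown above (pipe-delimited as rendered).
NETWORK_ROWS = """
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | roblojx.com | udp |
| US | 104.21.24.3:443 | roblojx.com | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| NL | 18.239.50.67:443 | roblox-api.arkoselabs.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| NL | 18.239.83.105:443 | css.rbxcdn.com | tcp |
| GB | 88.221.134.81:443 | js.rbxcdn.com | tcp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| GB | 216.58.212.226:443 | googleads.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 105.83.239.18.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.16.227:443 | beacons.gcp.gvt2.com | tcp |
"""

# Analyst-supplied lists (assumption for this example, not part of the report):
# the brand being impersonated and the infrastructure a genuine page of that
# brand, plus a Chrome session, is expected to contact.
BRAND_DOMAINS = {"roblox.com"}
KNOWN_NOISE = {
    "rbxcdn.com", "arkoselabs.com", "google.com", "doubleclick.net",
    "cloudflare.com", "gvt2.com", "googleapis.com", "google-analytics.com",
    "adtrafficquality.google",
}


def parse_rows(table):
    """Turn the rendered pipe table into dicts; header and malformed rows are skipped."""
    rows = []
    for line in table.strip().splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 4 or cells[0] == "Country":
            continue
        country, dst, domain, proto = cells
        rows.append({"country": country, "dst": dst, "domain": domain, "proto": proto})
    return rows


def registrable(domain):
    """Naive registrable domain: last two labels (use the Public Suffix List in production)."""
    return ".".join(domain.lower().split(".")[-2:])


def levenshtein(a, b):
    """Edit distance with insert/delete/substitute at cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(rows, max_distance=2):
    result = {"lookalike": {}, "ioc": set(), "noise": set(), "skipped": set()}
    for r in rows:
        d = r["domain"]
        if not d or d.endswith(".in-addr.arpa"):      # multicast / reverse lookups
            result["skipped"].add(r["dst"])
            continue
        base = registrable(d)
        port = r["dst"].rsplit(":", 1)[-1]
        if base in BRAND_DOMAINS or base in KNOWN_NOISE:
            result["noise"].add(base)
            continue
        for brand in BRAND_DOMAINS:
            dist = levenshtein(base, brand)
            if 0 < dist <= max_distance:
                result["lookalike"][base] = (brand, dist)
        if port != "53":   # a DNS lookup goes to the resolver, not to the target
            result["ioc"].add((d, r["dst"], r["proto"]))
    return result


if __name__ == "__main__":
    res = triage(parse_rows(NETWORK_ROWS))
    print("lookalike domains:", res["lookalike"])
    print("connection IOCs:", sorted(res["ioc"]))
    print("noise:", sorted(res["noise"]))
```

Run against the full table the same logic leaves a single lookalike (roblojx.com, one edit away from roblox.com) and a single connection indicator (104.21.24.3:443 over TCP); everything else resolves to the brand's own CDN, the CAPTCHA provider, or Google and Cloudflare telemetry endpoints.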
Files
\??\pipe\crashpad_4496_ZTQFEEVVVGAPZZUD
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 7c6ee8cfab503a44496428ebca661223 |
| SHA1 | f647fa0848cca9adf0e02346982374275c273f2e |
| SHA256 | 9e4d2f42e1448948259c61eaa85d82a1251e6e86bde5cf486269ffe2ee12aaf8 |
| SHA512 | a8ca7952ff5417f6369566fe2af4439bddc4815b5435b6efee1193453aab4ba50909639d30515a90e3c05f428efc3b3c2ceeb1057e992dcc5a3cbd90560734b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 028fc88d1432793c777cc8b648b77476 |
| SHA1 | fcde1b8e292db40e95c886251dbf3c3a0f6bbd48 |
| SHA256 | 1e6cfef23a04026c7f458c2508081ef681317ffd60a71712957330a40aa07052 |
| SHA512 | 80bf485c932e2b0178f371d55c29cab40e99f3a040b5f83db35b35ee1d097d5294d9dae9fbe77f3e9d3dbbf163a4bbc7f6877e4631a0b7228a412eac7dec03c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d646bb2b0acbf6da596ef78b4b558acb |
| SHA1 | 64a1fac6bdafa9d7ea5f4d90ce4b88c694b2f780 |
| SHA256 | cc4b3e3d74de5ab586f594d16fc20749d2b7c366fd083886ce0014e0902e1641 |
| SHA512 | 0848517012e7a3fb63e38283a7e2409242a42c202fb1cc3ae6e23962a76ccf9b71dd90812a1b4f9f0da075aa5ac8f49c3990433e95c5badae1963c23295f131c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2a44e669da581e05b65a09f21ab18256 |
| SHA1 | 211f95652406f74923c44137ded2e0dc9d126529 |
| SHA256 | 4f833ae785d39c5b18f147bc2f4cca36ca0a83c5d33740733c0ed4df16b761d8 |
| SHA512 | f1cdd4f1c36c9c39a414b456ff1c57000cffdc6140995aa2b2b247d9b6d009874990941cd067c0bbb0d4698ef86d6ee578b0d9bd3cf03cd8f7a85093cbee73d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0ef3874eac9f6900a7c5aa9f0cb3e761 |
| SHA1 | 722dbb520a433e4b82a1194ff8eb6dbb35d8efcd |
| SHA256 | 4dcda11bee49cc83db3bef6a9838a1ef3a2c0e90c37746145f577a1e10a44c49 |
| SHA512 | 04cde78ded87cbe58caf02cb9237ab8f1df187ab8501ebbb1e90f010171f6e9e22f78eda5f1a13fd5c17695153355b8b45c571c9064c9c670c54e84e4b737e16 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | a40ba31458d508574af2986db371540f |
| SHA1 | 4886568f0a59429aba42982262404cf28be93212 |
| SHA256 | 4b444d0fa614d8c1a7462a7c48317ad7ded7d92e329f0dc210d431a1fc910e30 |
| SHA512 | af5c71b7d45ef576637ebec7a5ec02a51e62fc74c93776bdf01404d24e9bffac599c3b7367122e733f48640fea14bd5c7d36b66ce81c29d698f1ce2baf98af61 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 8a57f77bffdb82f47ee57232f34020cb |
| SHA1 | b6b863c4a767b1ab7a039302c6e956ea87aabfe8 |
| SHA256 | b8d05d89994845edadc951751d4a7e493a6044f80b6da08e4dc432e5631061bc |
| SHA512 | e315ba5649812acff9779fd56e378ab06a842c52c7f52e4b2f0be67e01b92fcf8a65c431a4f09d19b0cba6908b138c266876eb4a046aa781209b1a8c19a64f9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a09c8ad3fb71cc8cd3defed538d3eeea |
| SHA1 | 54ff5af1f80245461963f0065597aa84b332d1c3 |
| SHA256 | da0d3249c94f1d9080e898623d6de877dcdc914e7f949dc1772955c69899b403 |
| SHA512 | 9a523e8bcc94bd79eb750d71b2a5924674241ccea5f77cfcea46a376cc7f58d994642db17d27482a195ff33e955557089ab1ad5a8bc599456727ab74510b048a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0241a72b24cd683eaca409eedf41be7 |
| SHA1 | dcb0be888e7dd13f496661b534fbb35da45bceb6 |
| SHA256 | 16fd5cfe32011b99b881869ecf1572c433de579d1359c3933e48acc2057e85c0 |
| SHA512 | 7c042b8b39e9d899f2bda0c0eb4a43a790a17c505ef8d2141291b1ad850c943bbf7c3b07879a3306ebdca9240459d015919831cc3bafea814d4e309dfa302ea5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a75d35d9c3f89ab6a94fd3ad5679fe2c |
| SHA1 | f3879c3ad0c81af32b8a56f924acc0462d8f3554 |
| SHA256 | 84f596d92c14cfd5b1b93f0a3ce2c35dcb83cfdef7065c4b7f35e39df1e645f5 |
| SHA512 | fe09aa01f8ce88b850223c5423db399b350be0204bed451deaba047a1317f1cc98d0fb96aa76705408a890cd9dfc44f800fe36bbc2dd86d29d2c1c12e90e6a71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0f62577b59083eb3491f680b7b605908 |
| SHA1 | 2af0f5ffda1467d7dd4de7a25b1df188ff4470c3 |
| SHA256 | 589ba05431099061c101939acf3fd55757bef5a77ce678076afb35b82d22d979 |
| SHA512 | bfc79c0d9b7c65f46b4cd70ba11b8d74e30596da651988631822f500c15f6508b655d806bb731501fd8139bd3a53a888e6aa9c797d65ae460676724cd5db4239 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8aa064dcdba9859db7ea6bfe2d1f39c4 |
| SHA1 | 850ad9e18955a0e820e046d2fe4e7356cd12c3ff |
| SHA256 | f9e0ce2da795972f34edef78475503b7586985008d7b09bdf170b6b85960874e |
| SHA512 | 16c34d5859e5e9de4133e8a0d3ba9bbec5d4bd0ca00f07c2e734bb3d000cd2d4fa852c8920dcdab77d53fbc3e2977e80b3700bdd8366158072fae49ece7109c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5de598186612e3ab202cf25a25e184bc |
| SHA1 | 1be2790665e8b960a45c60aa355d3f0c28dcafdc |
| SHA256 | 39fef26c3a8dd5647f1db295dfc4f72eb546d3963616bb240d7c85e9589ed272 |
| SHA512 | debe4b950136918bcbd3f96da76f073fcc920d85a21391ec59ee4573cac08e997f43b695710b1c4d5c561033f69fdef3f71e1d231281e0fc1b644d846f4f83d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 009991171af5f27206191dcd4a5619e0 |
| SHA1 | 61116ce2b92c049b68d87fc5071cf14eb441fe6f |
| SHA256 | 74bd66c96aa104f6af0875cce3593bd5684130da838bd859f744028133856c7c |
| SHA512 | 54aa72087e3cbd963681d4f5a64e3ae172990d5cdb4f2f2d94f79284d44c89ef37af69cf569c50c59989d307fe52f5d192496092052fa97bc86bb1bf06c86832 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1aaeb45994b726afdf90ac23dbabd133 |
| SHA1 | 1a0aac53ec836da101ffc18c4cf8329866d49713 |
| SHA256 | 1d03fbe11ca9b40f9ac7f15e52761c1493e9c0daa41e15d9fd9514497922d084 |
| SHA512 | 4e66a926968a518e12ff6be5ffab7d9ca4345372a893a9d725b491006bdd8bb96f02f81b7819a29cd10c391c47c4f951452121a439988db8dae71d446b54713d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 333ba975faebe3b9d549d40cba0fba14 |
| SHA1 | 445ca22a5cf84c4f7dc64688a7545d95e0828a5a |
| SHA256 | 6b8505513e36c128b8e5316a69fdab6636888d7ed2044b9252bc38d6b69444fe |
| SHA512 | 568025dfa6975b6aae1cb4a5c89b96bf150eaadf265cbdfbab206c05944fe5c094392db0914ee8c68cdb79e94514d26b6a0af204cd6f2729edda8ef988dc15ee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 84f44840509b93dfd436161785cbcea1 |
| SHA1 | aec09cc6e84f4a5d5b6cff62fa3841b9bc55b97a |
| SHA256 | d5594f5b96de7cf2f7257176018ea08d5a04d367cf07ef4e790c544f1e8a9032 |
| SHA512 | bb33cd624cba8a31376376b3e57f32ad13c966470a46f5b72d173dcb9557fe798be32c49fcd8ed476a1e891efe504d66757b886109d72f2d268900794e6e6be6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 12022a9800f829f6da48316da888eab2 |
| SHA1 | 5bea60ee99362b72e79f970aa32ae785fa8fc5c7 |
| SHA256 | 01c3af05cd9dc236642f405a5f6bda83b101b8ac82f9eeecb955a43ec00ace01 |
| SHA512 | 7defdac2c944810caa0ba006d42129903c1c4d488d5d08677d5831065c703178ce7fd08e67d71c7c1f2ded08ecc02bdae7c42aa910fd9dea9ea51311eadfc625 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 010d0026f1c69f4c2bc3b3d5b8d37b49 |
| SHA1 | f0a18ab3cd93b50d8d5c2208378e5926e849aa81 |
| SHA256 | b8a83e065e6800a001d0abe379b44e100f46360e7d8128fdac935110f18ab740 |
| SHA512 | 2f735c9561ee44ecf05efe51cf78c0328ffa6c58cead35301b21b1aecd6fcfdbdec0669ed4a9a9c074667c8303f7420b6c792b9d773c5ac8ac39cc5b208bbe32 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | de9ef6a3e74c074ac0ef0b31e47d8c61 |
| SHA1 | a042fd749fada9dd46b02c3913e02a74d4f60f2b |
| SHA256 | 27a25c5333202b1a431fba35ed809508ab7ba8e2b4713380641dfd13c1e98282 |
| SHA512 | d9cfc2313e100d30848104083f6470c6026df8b81e0b7b8f7723f0728ce402025d01492cb60297ba53199898c6e0288c2bfbe3382a2072884251621a61715132 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b80a7db0f831e8dd9a5c259e59d1cc15 |
| SHA1 | c02e7e45225dfcbdc97bd2fbd56a6a17cba30c1c |
| SHA256 | f46acdca39fb244d01243b19633cf5359753c794abc4e9994c97fe737cb35b2f |
| SHA512 | 58cad28cd6aa806fb3a9fa5a45ba694bbb4de44bc22a175a7f599d85211ef5e367296bf364ecb878da9a0848dc1999d56a15bfb1ea3a269f74cb44375da5695d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d65c08d95da1e9bd6895808472a0f495 |
| SHA1 | 726bbcb804fb8f0c774232da72c6349e2f79b3f0 |
| SHA256 | ce1ba10eed996f49bd52605ff8ce93fac0ca6384fbe2e4475acf211bbf1516a4 |
| SHA512 | 95ce88435cdcaba19bcc0202247f1c8aafdfa9e86a0939eef04cbd5fa146d77cdff822e7e5077e3a53d57f1e607aade906c0bc191686cb5edf3c47378be35865 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ac8db64f11fcdb337353d05af5425716 |
| SHA1 | c6bdae0d0e27d593090854a3e7586d7444f4b336 |
| SHA256 | cd2b2b847a17adf9ec1d2b952eb74fc050f709b4763ae2a1729a78ca9f8266f8 |
| SHA512 | 30f93410f68a716d39ff42dbf583ab156e5465dfe38eb019c8feb2c9670f9933bf8c4c9ed7b9ca3eec8128599ca05e4f7f5eb556af3f67c05c31827ad50fbc69 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4cf1776b9ba897a029b2069dbb693718 |
| SHA1 | 39b58726f6263dc97a41f2de15205f5039b1bd0e |
| SHA256 | c8f4b1408bf5c72a1265313f43737f533e5e574f82ab571a4fffb48598accb53 |
| SHA512 | 42d19c0a14c55d8df94b0221a68951684584bc36074c88f26dfe27b4e7307aa8c577d187654c7cceaeba5fe5579b7f48d14a3d5069c6f309215d5b2c253940d1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 33e50ff78c7acdff96e0b5801d21e572 |
| SHA1 | 18af54163292038506cd3c1d936890ffa6ed8f7f |
| SHA256 | ef53f12d581476c1a24f173f98452e1eda18228af1819ca3f9ab3453547fac8d |
| SHA512 | 01b4f6445fe7213cb51d07a5017fda3a64ecca7f54d105f1d7fedf4a48d32685e45e8196034d2fd76215fcfa399c744d2c8225685bdbca6ad9e60ce7553d56ad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 55e55cc832afbbf17c893b8613cb69ef |
| SHA1 | 58c23fd9cea3f9eff76b4bc28eeed30317a60253 |
| SHA256 | 876ee0c66c5a850678f35d99e2714c3b717f64522f257c62d4f30de3f4dde330 |
| SHA512 | b944afdac61ca07fcda7e9cceac520ea7e08829ff7883a2238e721f227bd689117453a9bddff98914c631c46ddadb925d5b371e43708b3110a379c2767a955d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f5486d506cf22593220869559f2eea12 |
| SHA1 | 66361ca9d5b4f1f8d0fd16fd601ee1f9164aa272 |
| SHA256 | 1ad3b45e71390e9d8d661761d36c1e81f4cfd696bd850f077f54e6067627c602 |
| SHA512 | f01c46ed0f8ff76c3ef3282416edcc5594e75ca9c1d2ca1297cc8e7b78e24d22d73aaf63532b65527209750dbf82249a76eee4b066a85067094f6102b2782b54 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | de3d24ff82d44a6364a8c8bf1c174e0d |
| SHA1 | 8f1b826c4b463c16680288e8d512d32963281e9b |
| SHA256 | 27bc526f20758cf4d937f22a825dac146a80620c7a2bfe991c4e2c0289190d31 |
| SHA512 | 5696d1dd6097a0112096312ec45209d26001992d549cc551a9037a74530c8ecf2864628f0053ebeb0bc822c2a842664034020c09a81acf809aa4722356940980 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e1154ad7d240f787c9ac4ad661ee4924 |
| SHA1 | 8ea6fe7de213e22c25a0cb89df26f8f922de0d7b |
| SHA256 | a6a2765f5e535cece69f216e66b2b99a7b01f13fef22b11eeb1a0e487d0aaa7d |
| SHA512 | 8b96e3eaf027a942480058b5231d1c7deda9abebee23c142d9d1752c168227cac334cc7443729183d71145f159fa3629d7b25be4fa40d58200e79981a434c53d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 324d7a30c31f203636698d914c887d48 |
| SHA1 | 141713fea37467f41641d187dce2ccfd680b9089 |
| SHA256 | 3f9913a62fc4db819660dc35a5686733eac6f73b6fa59c7612fa5dbac07277bc |
| SHA512 | ef5881e0372f8e232be682517462af8531acee5246e7b78b79a022bbe08c08f9d06473f81a0aa01307197da41cfd031a4e1334a0ba1bc888836aa1a62dd2ec40 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c67ed4b90c801d79aa9f2c4801cc798a |
| SHA1 | b8df0d0306796ab731e9309d191cf0a15abd23bb |
| SHA256 | 7c04597a79fd8f458b5daf063d3b1a77b95e0cfadb16710b07e97d542fba854e |
| SHA512 | 93a8f59b9324705727006d9add5504ca9291f3c089ef99c3e453699df5981e13e2734ffc15808e26e91c78d900c58648926216b510eb9c5e78fe9dc5479fdd94 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 952ebf499111d9e1a4a0373fe86b27af |
| SHA1 | 75a24cbba3827fbbab6dfb561796ded74406eb7c |
| SHA256 | aa76d5792b671306ee6fe13ba4b087a3d2e286677afd44acea81e04c93fbe921 |
| SHA512 | 122031b05196cdf2e38a36803c28c9ce2f05a55f529b34c1c39814020f60b052b36ec478d8964f0fecd9198e0200c36fde4798621bc7241d83085c6c996c46dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 905131936930a897f8fb5e6c847e3332 |
| SHA1 | 9708d528e7c2b904608222b9b0b0253dc68c83bc |
| SHA256 | 9608a526a099b08515846a425790015d94ab8a16b536249b1d6d2664b88003eb |
| SHA512 | 11ca0a25f77f2067eaffd790fe600d52b1a8fbf2eb80e8cb4b4c3282f339b74be6df0d7c8d01e09e365fa6d5b5f9240e0f1eaf2aeaa13532b23dd82411937d9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ca709fc743d20279e15a6070f7aee30 |
| SHA1 | 529039c0d5a94b40ba80a66cbc3721719b5ab51d |
| SHA256 | 9de5538cd504187ccf47a35e742b768a3cd6236f53564787d9154b6e62898abf |
| SHA512 | 17f941b2381f17f65ec2a727baae44f756e0d7c7f2aa2f6831018983617f28811ff2068daee063b8cfce745bb7c5ad09c8c7bfb185ff59fbfca72b371d845bdf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5dc7df51f119f31321b95b94c98c94df |
| SHA1 | 91d1f1d85f504fc516017e9d47036295e22eb875 |
| SHA256 | b56489898bbcc7be24aacc2dd4effca02b472783fd6124e21ff621c153549bbe |
| SHA512 | 24513dcc4454c42ca58f4ca1904f176a44d94626e967ef86535155e217e1b1b46aadf2d556ae9ddfe6bf7bdefeeda1c2eb633bf128885e21307459f2a92628d4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a4828456f9d83dbe1d225e8ff05ace0c |
| SHA1 | 9d05265b65c1920f67b215bfe5c56a67de824a56 |
| SHA256 | 75cf67828b1eb4c7cffcc41a0fee47a67bd6b0fdcf03d62138b0f48ff5766491 |
| SHA512 | cb813f7cd4a7c123a401f991af0405411b527fcbe6b9ce8a4e71aa12fd50c3a385140fc1ceed3af91d4145893d9c9c6ed28634409f8db2e61e51ba28b5a64e44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 302d72ec504189eca19d79fa999be67c |
| SHA1 | 3bc2e0230f6dd84b34274d4055a95d383eb07824 |
| SHA256 | 50762fba47ec685b1d2464b336baf6ef3da4414ccf5e8bf4badc02c94edf961e |
| SHA512 | 3604fea26467901ba0de51b36df78abba6d5f9811fccb80862731429548b0388f6c13c2883c9a86c406bee891be724599ee846f98152b26b331abef8fb25ca93 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b1f58f12a3501c69365967f0757296de |
| SHA1 | 7b61be1ee0d5ca564271c9d9f658de1a14b61ef4 |
| SHA256 | 474c01f0802e13483665da3f80b0a9c9f41f86f2970e4e24e41e805e20278f57 |
| SHA512 | 7131d370c04ca89717cecf987cc654540496acefacbbb5b6014e9073871bac8bb91158b2c42e7d4c1ce1aa8cbbcf2178a6c126acc2423c718bd973935887baea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7c34ec9c281eb0eabdaa83a9754d5e77 |
| SHA1 | e145b676b65797489274d622f2d64f3de478aeab |
| SHA256 | e4e975b27796eb23cd7a5be25a8be9d67e114c5d290259856876ec3854bd2fcc |
| SHA512 | 302733552b50eaaca88e11977d28e347ec3869411ef728a5d95bd82decc7e7a17fad4f7007607377dd6ce51ab3886bcbf340af936979c46da6d1374d33a2b8fa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ebe63c91-4511-4d51-bde1-28679dd0f0ab.tmp
| MD5 | f251d9598e940c2ea922b9a9e9429578 |
| SHA1 | 1c490bda229afb997351d48422c570e2757e24a7 |
| SHA256 | 3759977ee115789a6b9e06f82ccd0c385aa9fc16e384226f324222cfaf573985 |
| SHA512 | e6dfccc093b775438c1e07c2588fee95c8c48d20ee863cba66e9bff08b46818c2c46be027fd23bc340a68427a1308f1e1fe0e5774d701f56d24aba273aef7727 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3db32120ce46b46e4a8279335e789c54 |
| SHA1 | a2fd8c81e78fdb07d8e8b08235baa5e6e97825b0 |
| SHA256 | 1757879e146bb904a126cd8f54826f42972b415044572fe086fbcb55d1c930fe |
| SHA512 | db9955a70e47b79196c586c886fc92d9ec745b1bb58a74e491a78658489bccf610a0186ff5442d72fe2172604e1347666655b631e56f3173895fdf1216c70187 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8436124c2bddbbab91db488ccc11379f |
| SHA1 | 533bda4c38bf1e6a532489f4493d155f3b2bdf09 |
| SHA256 | 7814e3e577a4b7aa8cdbcd5ae61aa817240127e351340564736edc83e0777c4b |
| SHA512 | f7fc6ff6d1439de879862bdcab75965307e72a5fe25f0e028ef353183c5650fc7bcddc6edaae40615c3fb5cfb2411817e1ef141a5f9ca5a438eeed86e9590fff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 386cfa5c05f8ffd62621db76552cd465 |
| SHA1 | 4b1bb529c71e63631ee36bb354e60ac733398b53 |
| SHA256 | 251690bbf2f3b5d777f9e46a3dbbb9761b2a83e85c69df8b48943326ab4a9577 |
| SHA512 | a13307d23b03b1469dadf6ee7487523a54bf749315507e7f2dfe41a1989f845ed7ab17ad0939707143c30a1d6dee9ab9f4a4b49336c58de8601a2360576ed722 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e24a3e83545a50fcae9e519aa9647274 |
| SHA1 | bb1cc0b08d9934f3ccbb19cf10c5d69c0db97f02 |
| SHA256 | 1cf41f0962d880cc35c1f0d5ed65d17ff0a8cef00c2b50616a8658367db1b153 |
| SHA512 | b66dbde1f943c622f231d30ee24976647b7aecf8ec9581e0e7a2948c26b1c6b498afde297451315228e8a4f079caa2a10429b582c97dacc7df20bdcc6201ae9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0609606f745225559277dbf967d9e3a3 |
| SHA1 | 6570ee19fe9bf3d175be36d91eb6f1420c10d3ac |
| SHA256 | f012a9bcf38b02eab21ba8afc74acb6c1345b908b1e8d34002cb10f7cfa73231 |
| SHA512 | c7f20261ee324aa8d27ade9ebf5834c91ad72a70ee263640e0df52c6c475e427f0a3f993c0119ae8ff87b2cc575ddc330bd72d1d161d3f2b0ecdee078aaa7bcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1f8db23bd36d8303f00020df36d49469 |
| SHA1 | 9618c40d20ca0a46a378b2be688811ddf52f528d |
| SHA256 | c32544e56ce1f6c29e3b2442c3107300031d1bd3a9d5d09536150b6150988d79 |
| SHA512 | 7a1c443054c14ce08a145c26b7ed6e45c26414139590ddbe25d185d9adc2d4d8ef0dd81f6a3ff39f285d2f1cfb95a72c74222a14bea36a7827104a0dec659cfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9ef7381b134b794a882ffc38523cc5f |
| SHA1 | 51039641e487ec023c66ab5b3b5d5bddcb2b918b |
| SHA256 | 741fe2bb23f7093ccf2eb4eecfefdf5e1d719f9a013d90d61743bc51023a6780 |
| SHA512 | b81ecb3acf0f42fea298b8dab2c09b5e2eeaffc993717c259b317cfb20f38d8d75786590fe2c93e67aa2837f5bb39426128dab41ca278da15cb5fb124927d4db |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | e4356634fb9a955e0e1852fd9362c0bc |
| SHA1 | f4871c309221707f46206ddc87560d47058b8b71 |
| SHA256 | 8e338a6430a3f4af3408d56e9ff838db4e34d9d395176f4d74c95c456b7c10e7 |
| SHA512 | 82c0728473c4c493412ee2e8204adac1cad182275ebb90749bda2866c33fedcde8e3cefedb1f0a71e3ecf27f99337422de896e26ac731d535d22e650fbb5f203 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 488409bbeae74bd282be90d84c27a2aa |
| SHA1 | f0c2e521e798ec8be5b79e12321c36356c4e054c |
| SHA256 | 4b6a8351f27229ef8e2757ef3f498d7c62c10e52c697055cf7361294f16b3d50 |
| SHA512 | 9d0c10cc0b2108fa8942d828953b11750d6ef592f935ee88ee1ddc376d0e75f51ea5718df197b2c1ec0374114adafff01c275c75c24959411ee29385d0cf6734 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7a7bae5d8412f6a96790117ef275c592 |
| SHA1 | d9165e751961e2981232004430c6b4aa0c57a5d2 |
| SHA256 | 99955462c5f9792d3188cbbcb380f165e358dbeecf675914f68be38f03a445c6 |
| SHA512 | b34128fef3d6cf89b19e608ec12f35cf0e729126df1911c9165e8943aeecb4a5aa41fbe564444e3fba827d12374159f8783bb56d4d87a9c02a72e89bd33b6648 |