ddbf5a9e67fa807ee7537d367e1c4023113d6f0097d981b0a49200ac33f8ded0

Resubmissions

03-12-2024 21:36

241203-1f8m5s1ldn 6

03-12-2024 21:33

241203-1egs2avpg1 6

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2024 21:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

WebView2Loader.dll
Size

107KB
MD5

48f540c05200c510303475e4cf95b557
SHA1

c814cef05c39abcbc398f4e83bc120ff012dc803
SHA256

1cae7b9ad51235ca43e86f561f4d4968ee81541aee9f759e24359ebd69ea6ec9
SHA512

3c05bc448430b17acac02f89ca8a8619e220c53640e7d9b9a10cffdcbce0ca9558acbbda4db1e6ad946a3891fff49c3eba9cf2d619255d8c6d11d4feff1a2e9e
SSDEEP

3072:dfaNmI0CA8jgW7WXKn8uP7gst+/Nv2DqEtSinM381b0h:dacI0CSXK8uP7K/EtNnN1g

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3260	1476	WerFault.exe	82

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133777352710521409"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2956	chrome.exe
2956	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe
4552	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe
Token: SeShutdownPrivilege	2956	chrome.exe
Token: SeCreatePagefilePrivilege	2956	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe
2956	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 1476	2188	rundll32.exe	82
PID 2188 wrote to memory of 1476	2188	rundll32.exe	82
PID 2188 wrote to memory of 1476	2188	rundll32.exe	82
PID 2956 wrote to memory of 4168	2956	chrome.exe	95
PID 2956 wrote to memory of 4168	2956	chrome.exe	95
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2132	2956	chrome.exe	96
PID 2956 wrote to memory of 2944	2956	chrome.exe	97
PID 2956 wrote to memory of 2944	2956	chrome.exe	97
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98
PID 2956 wrote to memory of 1252	2956	chrome.exe	98

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\WebView2Loader.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\WebView2Loader.dll,#1
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1476
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1476 -s 600
    3⤵
    - Program crash
    PID:3260

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 1476 -ip 1476
1⤵
PID:1968

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff9165ecc40,0x7ff9165ecc4c,0x7ff9165ecc58
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1908,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1904 /prefetch:2
  2⤵
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2196,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2452 /prefetch:3
  2⤵
  PID:2944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2236,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:1252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3416,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3176,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4588 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4812,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4980,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:8
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4900,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5224 /prefetch:8
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5072,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5136 /prefetch:8
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5048,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5004 /prefetch:8
  2⤵
  PID:1616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5364,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5428 /prefetch:2
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5264,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4052,i,16645757463909129431,11747111837361779182,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4552

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5112

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2400

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1fbeaeb7e02865d8bb4eb20ac953ff5b

SHA1
728b7ba646a0f55190cb76fb037d3c7f58b8116a

SHA256
1b1b81ea2c72ffb5aa8596eea1e27d9f0f679fcc9f396fa8b2b7e4531348f17f

SHA512
f12648d71a110858ea614ce4adad570809857a030156fc0d11f0e4fcd56f2454e6f72eb1a669c6584b65d340e410d0b3c59016961dde59e343216b5c16d95b05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
3e4a1766bf067a4fdc4e2bc9d53f9733

SHA1
f82c859bff733b83b93eb817034ebed4832323c8

SHA256
40be3e4e77f68617a8e42d1c2ea63e1d2af8b014c11c10bed15ad8babdef839c

SHA512
c0e34a2f352df178d56606c5bd783f3d64beb515c88e0ddd8bd7b622ab1aff2a5e9bbd01002ace013760215a342b4e5392c30fe5ae096f9426c7bfbb6a051a62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
ecd887924117e6c4d96450c0ba48e590

SHA1
2c5726580bff7a3882a21ae652be002a8b897147

SHA256
ffad3f587fd225f98f4ff4d76a721185b713e6790f742c867aba0de6273102fe

SHA512
b64c89fb44971cec935a854ba0c0363d2be6c87de1cbc2e1b088182f040829f2ad161ffd8c21f20a3210fe2903becd4a8f1efe5c28a3ff2bb5660380a797daa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c96fee734165d74201d0c8d3cd2ea36f

SHA1
39ad2ba573747dc04c04bd0e819e4cb5540a64eb

SHA256
8b17d6ebf8f2bcd2ace69c1c661948183fc49a43d4339a1aed57a66a2a251e83

SHA512
6bf5d6a95dcf3952a6aeb7495fd4551a1accf78262a61e08de81ec4996407957f406b8167cdfee56171cbadf2903c1282ea72df5c7ee894736a1e9f2024ab801

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
37ad80b3b9387851ba2e91e046160e3d

SHA1
629db88141617bce2b384d8db59edc07f06da0de

SHA256
f37f7d878711d97fc1b2a44d8a7c605a7280a74b6872b6bd9385a3dc7d24e6f3

SHA512
2672f02a6d346ca642ead21f9f31b4f7035ebe74fe436fc02c873c35f6d6e75a7c3ad8831996265a4bf8aeccc24dacdde23cd7625da7fe30e24618298a073465

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
dad204b0f4e795a8572eab519af4c934

SHA1
9eecf371205b4b69ed0faad20458976fad2d174c

SHA256
38c6cee8ecd591c26b6a5221a54e0a37395ddf2302b6a9d15d455710987b2fe5

SHA512
431a31c9331cb5ac6e99f335d28d5c256a09edea481443df71c337c752fd3450859bdfeaa68d74e5190dc7ce6983de1e2cc46e94fa21de27c522b3bb3372eef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1e14ecfe01f6338ac5661c41926d27cf

SHA1
d1088131e860096b895eaa210bda871a74004b24

SHA256
072c529346105f547640b22f3f9b7f169bd6003ed8f92feb70b2496566bb7e23

SHA512
00bddc3aff9dfda41d170232629ae133d03084c24c4834fbf313ec04ecbdae303f68f41bef7fcefedb062bad5fb909e056b982d246dca9a193940bf3dbe991fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6efd0a44669ce0026e76cb01db57005d

SHA1
3691e596deb06b4eb9c2728d4ebd5d240161a1dc

SHA256
637b0ebe93b65f299e123c05c6f4b083db8b86e644ce81f415bb07c9d737f1b1

SHA512
9b8781ab7fc22eeda315c032723ce49208fa6c556af1705d47f82f1338dc89e07bbed173425af0ac16db1ed66cd27967983c916d2352b02f935299ca28c9eb8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
67947dced7bbd299c0133d99784c270f

SHA1
ff305307ac9a9ee56b81bbf84af6dfa72b97d002

SHA256
14b8c0e1645e8bcd01b16c39c2bce276cd09d8051ae0c837d2de895653784fc9

SHA512
b0f564640dfa06e7402040db41bbe94a0f165a99f5f4f9155b19089630649b1ba27986949536a3862014fd6ebddce457dd46a867fa5750df9bf43d377776f02d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1b3fa5e3a2c8b4fb5e5b7e22aa63528b

SHA1
f775b3b6d4346be7fde290860d1154a132c51de6

SHA256
9571f362df8d49f69298fd1283c5e8ed969ca2d43c459ff10439a57920efb8b9

SHA512
d125b5a7e8683e1db3afe256d796dae08c67fd8bda53854ad073a7fccdfa03ec97489cadcbab9b9c1a737f48d5d829cee5aec371385fa0cd988d0a71c43ca908

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
48cd0614a0f3e15b52296d56c4b8ad02

SHA1
ae11da3dbdfde6e710535512496a84329e9dc02a

SHA256
f1ab6c15be1adf6c4d5b8ea5c76e3c043f7576e66568c392de763a7a07f22969

SHA512
90b736932bbee2e4e7a4bb83cd0a6c176635d671b282f5f0ccb107db4e8076bbba4fdf713690c31818f9f5e1ec12e7979cfea9c5732f4fc5834b8d23bd581021

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
12173064816157d97b5faa98c1c9c912

SHA1
77444d04570ff0f8aae83fda8571c0963248c66c

SHA256
d73282666c4b57433243a7fd8b913291025d12f57659b9825cb35df032957d4b

SHA512
eb10e7d4ac4caa4b7f4ab50656fa07800bce2609aa71bbc4841d267b86ea75a5cb21b77b6e4373fc9f99e1daf9fe3d54ff7f14d763d9146430f4386ba6ff7c21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fba9a55ba1a4fd04052a934ff46173a1

SHA1
5db8d04a0375d7a2dd1ce8372a44c1464fe40617

SHA256
a2aa8faec45b6be364fe32b1752a964e579cc8e078a8380842ec0497fe9cdc64

SHA512
cdbaec0574b2488db723d4d07707757f823d9c65cd7e0f8cd0be308e277e73aae230b4d99fec564ee163b73626e17df574c49bb3cc3368920614016b081f9bd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
29e3ce14325dacb043ea11d41b471ead

SHA1
5bdc64032f9561fa1f9652220ba4442d1c3be8a5

SHA256
31be83a5307da9f122d8377970c93772da8d67dac05e98087859abe509264d98

SHA512
c7b8006b8be06111bc4a9ec657b55b0cb130803f10f62f82839543ef7aa61d4a2a18ed699074e7ed8512d9432910a2accd6ffed24a49b5e8e609c20f5d05c0f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
0c247ce369ed43a483d30f686e21d39a

SHA1
4ec3294a9f375a00509ce08a24060730d16915c7

SHA256
20299d5155d90e9682b713581ea64fd6efc481cb4b686c549ceaf7efeb8482f9

SHA512
a09c790776994f030fb725118ed3325141aa0d092cd8a17c3a8ec856315381cf8563f273654c8d8ff1c6815498ec36786ec9e44ca943f7fea7a6dbd3642da082

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
5d7a507c9ffc04e1ed75470482ae39b8

SHA1
4176a0bfbbd615bdb08d59da148eb79928aecdfd

SHA256
acac6474045f76ad1f474033cafd581c2c2c6013e3a0a9b6ddf3d3eee6e4dd86

SHA512
3b4d32cc993c85c1d430ba785a7fd7e35c2257f95a88a42640ac2332586fd6ad23c597f7d5768594f3ca1e010ed714d0679c21bf38fb2d8e46ce959a9920d3f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
c21323a7e16a713054966a3d526afadf

SHA1
8d667209250b8ac5dea963ba1f5e18095a7b07de

SHA256
9f4f2140d93d798c932f382dcdedf6b64f6295db17b84ae9519be8a5bc594765

SHA512
23142c21ebd0524d214f5f1a33e3f1d2f524949f769ac36c3c0bc94251ef5db764e3fe061e89a21793357eb1dd1a83e9f637695dcfaa148c8d4cdd72c823069b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
8fca16d7070001820a127cc30ccd857a

SHA1
fd9351d2c03228169215ad4dafaa8e42b23ce3ee

SHA256
08d04b7b26f8378c1ff8d70589db90dd15ced39381383623c8ed70a0cd9b052e

SHA512
4726645abfd84fd07791af4933c0fea77d0b47f708f8121fe767b28e26f32a31dbaba36727366665e1c32c116976431a95d61d5da4b79efe44290fc78e230cdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\606b55d9-1363-4f37-b848-377c33c1236a.tmp

Filesize
135KB

MD5
3f6f93c3dccd4a91c4eb25c7f6feb1c1

SHA1
9b73f46adfa1f4464929b408407e73d4535c6827

SHA256
19f05352cb4c6e231c1c000b6c8b7e9edcc1e8082caf46fff16b239d32aa7c9e

SHA512
d488fa67e3a29d0147e9eaf2eabc74d9a255f8470cf79a4aea60e3b3b5e48a3fcbc4fc3e9ce58dff8d7d0caa8ae749295f221e1fe1ba5d20deb2d97544a12ba4

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2956_2265334\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit