Analysis Overview
Threat Level: Likely benign
The file https://www.paypal.com/myaccount/transaction/details/2A9601512F882932U?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000298&utm_unptid=c4c864b3-b0d3-11ef-9d91-2dbb9d56d7f3&ppid=RT000298&cnac=US&rsta=en_US%28en-US%29&unptid=c4c864b3-b0d3-11ef-9d91-2dbb9d56d7f3&calc=f884890309767&unp_tpcid=email-standard-transaction-unilateral&page=main%3Aemail%3ART000298&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&xt=145585%2C150948%2C104038 was found to be: Likely benign.
Malicious Activity Summary
Detected potential entity reuse from brand PAYPAL.
Drops file in Windows directory
Browser Information Discovery
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-03 13:12
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-03 13:12
Reported
2024-12-03 13:15
Platform
win11-20241007-en
Max time kernel
149s
Max time network
143s
Command Line
Signatures
Detected potential entity reuse from brand PAYPAL.
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133777051872940284" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3587106988-279496464-3440778474-1000\{C62935D2-A204-4B5E-94C7-E474FAB001AC} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.paypal.com/myaccount/transaction/details/2A9601512F882932U?v=1&utm_source=unp&utm_medium=email&utm_campaign=RT000298&utm_unptid=c4c864b3-b0d3-11ef-9d91-2dbb9d56d7f3&ppid=RT000298&cnac=US&rsta=en_US%28en-US%29&unptid=c4c864b3-b0d3-11ef-9d91-2dbb9d56d7f3&calc=f884890309767&unp_tpcid=email-standard-transaction-unilateral&page=main%3Aemail%3ART000298&pgrp=main%3Aemail&e=cl&mchn=em&s=ci&mail=sys&appVersion=1.294.0&xt=145585%2C150948%2C104038
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2076cc40,0x7fff2076cc4c,0x7fff2076cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1740,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1708 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2064,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2172 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3056,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3520,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3060 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4272,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4536 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4588,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4280,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4808 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4264,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5128 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4952,i,10536791355631992627,10004040525068268990,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5536 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | www.paypal.com | udp |
| US | 151.101.193.21:443 | c.paypal.com | tcp |
| US | 8.8.8.8:53 | 42.169.217.172.in-addr.arpa | udp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| CH | 18.165.183.89:443 | ddbm2.paypal.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 192.229.210.155:443 | paypalobjects.com | tcp |
| CH | 18.165.183.89:443 | ddbm2.paypal.com | tcp |
| SE | 192.229.221.25:443 | www.paypalobjects.com | tcp |
| US | 151.101.131.1:443 | t.paypal.com | tcp |
| US | 34.149.66.134:443 | browser-intake-us5-datadoghq.com | tcp |
| US | 34.149.66.134:443 | browser-intake-us5-datadoghq.com | tcp |
| GB | 142.250.200.35:443 | www.recaptcha.net | tcp |
| US | 192.55.233.1:443 | N/A | tcp |
| US | 151.101.193.21:443 | c.paypal.com | tcp |
| US | 151.101.193.21:443 | c.paypal.com | tcp |
| US | 151.101.193.35:443 | c6.paypal.com | tcp |
| GB | 34.147.177.40:443 | lhr.stats.paypal.com | tcp |
| US | 192.55.233.1:443 | N/A | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| GB | 34.147.177.40:443 | lhr.stats.paypal.com | tcp |
| GB | 142.250.200.35:443 | www.recaptcha.net | udp |
| US | 34.149.66.134:443 | browser-intake-us5-datadoghq.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 34.149.66.134:443 | browser-intake-us5-datadoghq.com | udp |
| DE | 142.250.185.99:443 | beacons.gcp.gvt2.com | tcp |
Files
\??\pipe\crashpad_1900_BQGOBLCGKHCZHHUH
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
| MD5 | 2be38925751dc3580e84c3af3a87f98d |
| SHA1 | 8a390d24e6588bef5da1d3db713784c11ca58921 |
| SHA256 | 1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b |
| SHA512 | 1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 6aad17becd01f426340176fa3a5b0f40 |
| SHA1 | 292cf6cf05e317a1ba712855f747df54faa6fcef |
| SHA256 | 6d277ae457dd8386d3f2aea6bb52138379dc2f681723e4247788ed331accd315 |
| SHA512 | 48871065032667f9927c3db1eabb8e801895b8c133f8dc372188044656659b58c751df19b923acdb0609925af9da3eabcdc33eee8c55352afc556d581a20b8e9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | dde66442b7b1e1faa16d0c2c57f34079 |
| SHA1 | 06846de036b7af99769e7aaca466fc7129d60232 |
| SHA256 | e6003300f4a9eee3f4667b353d711ee1821dbe44d79287743a6c286b43980e78 |
| SHA512 | bdb6b05d02b582f404b84a9231e81287c5f898074dea9413cf173d735826e67d1db0593dfb28fbdb858cc91739f4f4da77934685eb74d17286c416d2e9ab5f51 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c656cb53dc6d08d985a76dea87b9776b |
| SHA1 | 13617ad3341efa066de6fc10d5ab08f87bc2dc84 |
| SHA256 | 1467af8d23db3aec2406d1c11392c98e5291a5c14b3d1186377f12eb660b50fc |
| SHA512 | ea1a577247bb42870374840cc252849320056941d20eedf2541a08c78ea1043c9107da603b37a06ac11f618a0197192fb065c84c12b1603aa1a3cc11f7d1e682 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 95f6bc3a0f7d3b5111733eb67305b92f |
| SHA1 | dc436c3b674aa53cd7c9f5bd303cbfbe333e0671 |
| SHA256 | 4da49dd8ca8ec3e7a4117a251bc9903a6cc37c22bb14b262fca8a3976d94870f |
| SHA512 | f3656b0c1fe018f7c716a2729be64a09cbe2b8dfc8919d95cb9cd25b7d21dcd13adc6ba364d50b00db2a9233ae0620e8b3931599095ca93e32de021260bf909c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fa61561d97cfe94bdeb525117df7ab0a |
| SHA1 | 66f07969d7ee8b48f45ef4a5c30c40cb00188baf |
| SHA256 | e7930495a5c68848f177146d0d0ff3d11af870e90e37055be3568e753ac25f2c |
| SHA512 | 903588c627a02b5465737b2cb1311bb54f7d28930f79546b7353b5d20c8d50ec051c3595e16b429966ff2545254688451df51890da371ec8d975dad8400bb3b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 24d048589e8f4be9d1ae290606fc1309 |
| SHA1 | b7e3e3d55a5d6e6fe9536120681261964b1f33dc |
| SHA256 | 63a98c061db038ec51a93b8a059074626a1c6be81670064f168b878709066165 |
| SHA512 | 48a46ade7b55a3cb4f14c6920ae8d8aff4959ca5085e99f2539ee1b3a6b4df0e30edd5b36f2499e4720fd7238fb8e887514ec6a312dcc0b8113de66ea607d274 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 2c124a94da58da64ffba43a4cd816ac4 |
| SHA1 | 0c4979aa02767ad2a4fb8ec19a5e50897db09a7e |
| SHA256 | 5186e51fc1a5063f1f72a6a1a2ae4c8e2840d2931df46f1adc8f2448e39e16fd |
| SHA512 | 9169967480bb2b0ae5f85f8ff872b4c78ca866dab697f5d3fd813a8a245576d344772aa30567744a6a72745034b362e2852b451682069fd73c0fd0500fd5485d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 9c85d4c39c50dfdb7a91ff4c1a6d3505 |
| SHA1 | 6fa3b7ba69580e90fa7ade538c003690791812d1 |
| SHA256 | 105c92067b4867d7e4147a5cb6ae56fb89f4eb5f470ae3aa9921515ee092b286 |
| SHA512 | 0f9c779f47fe58357d43769e13cddf32f7685ad556b8451f89770320a3c45bd7d72269c59985b4f778c8f23f6c329a3c05d391b16c354b1688c663ab6bd84758 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 89b23d9cb4ad66ac6da847e46e87a149 |
| SHA1 | f0c06ee68a3d78382ad134aac176d2684dbe277e |
| SHA256 | 68e22fc02894ca0e44e5b61df650bbf56e17ea9856d039df93b7cb1b8ec0f4a2 |
| SHA512 | e4e5b7ef75c351a7a766a43b3af8efa64cbd5599309c8b987d9214b3f41d8fd781847588c407fde3780e197912aecfef5f3804ae40346c055dcf763d0e2f08b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0435e8327d3b9f53f221459e2c0ba72d |
| SHA1 | f81bd09838549f19d02971ef54443b6db1aaf9ab |
| SHA256 | 2eb5a13b374376d0c93c96121683fd31fbdac4b47660f685f8951c8fae0bec0f |
| SHA512 | 1b4f09d0075d3529b9a99bf9cfc94486c184c85275f621fd4025474f24c7a44df653a4f7d0091c993d2723330d0804f8bb78fd210829b48e753eca407b7bb3b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b2e94b8963076c0ec086a1891792653d |
| SHA1 | c42e187803809255d07da4dde3b3c59528c77230 |
| SHA256 | d68529258f3dfc99a09f8511b9d44575b6cb090fd8d931c9ec83f0d5ba0763bc |
| SHA512 | c2e4582e955d477c930aa7370884ca8526e49d3374b6afee44236a6aa80f48ce7852a4416eafd2cb7de627852866c0c70806bb9c36441a2eaca0b91b397b3ffa |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 98d878f9cc2c7db2fba7b92d99442684 |
| SHA1 | 2e8e9b60e5047a65429ac93090bd26f3507ba9fb |
| SHA256 | b79ce713540c3feee9faea8a5231b2ce715a12d09c494c11e83afcc124add748 |
| SHA512 | 5303f58bba62476995504d825bddd0d24d063afac93b973347fa930e02264ee81c0b03bef5c1173764917a0088ad30ba85b7bd99e17c510c0ac85a5ca210e177 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 29cf9bc60b12139644689d8a253577a4 |
| SHA1 | 0afba8a572678ba904c35a94c7d7db7d65ebe25f |
| SHA256 | 2f5962563378d96f198d62583e0ee5894ddea32a1e570db65c16bb58573207c6 |
| SHA512 | ea8830d4e6da295d592e0d43fd143941194f8fe940648bd398f00a3810eac3d0f2293c74c1d4912243d7efcbc8a81011c4d39d0fde2edb9760c519185b5afd41 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1b5a8fc1fd3ec88ee67bdd80d08f8f34 |
| SHA1 | d8ad87e3759b95df876db3ac441acfc445322669 |
| SHA256 | 59968d9af0829071a983d9198b429d2df89347ec680cfdce8b2307eb7104b0b1 |
| SHA512 | 1f619dceb529cba56d5f420e2ca83d1d2e12dac677734097667d0d7a11ea7dc6fa90137529ba4f4ef1a59c79fc0be48a9af83bf42e674abd6ed7d469aa018836 |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
| MD5 | b5ad5caaaee00cb8cf445427975ae66c |
| SHA1 | dcde6527290a326e048f9c3a85280d3fa71e1e22 |
| SHA256 | b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8 |
| SHA512 | 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
| MD5 | d222b77a61527f2c177b0869e7babc24 |
| SHA1 | 3f23acb984307a4aeba41ebbb70439c97ad1f268 |
| SHA256 | 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747 |
| SHA512 | d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff |
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
| MD5 | f49655f856acb8884cc0ace29216f511 |
| SHA1 | cb0f1f87ec0455ec349aaa950c600475ac7b7b6b |
| SHA256 | 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba |
| SHA512 | 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 21bf0efa72752025385dfec35c4bdcba |
| SHA1 | ba47663477339ea7f829d8ee885a519934692506 |
| SHA256 | f290acbe0f4c9b87898400617e0e1023ac3cabb712c0cd1c3ddf5b58c839a2d0 |
| SHA512 | 75e3600985e5b2aeffc09f516a3b3e7d7f1fe6d80cebb9483f3ca1b8f970d968744c04377b125828d1fd2f23c441f7049384d1e36d539ca9eea22ea467afac4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8982f105d562171eb1e9658e968918e9 |
| SHA1 | c04e1bd158b6c23050688e7e58adc7b354044f01 |
| SHA256 | f151412461d8b89f9edca202f178b33fa947fd95ca1ab46e1b38f070b80cb68f |
| SHA512 | e1b2d9bfc42880e07ccd3b84dff0952e6fae71f5066fc698e0799908587adcc1630995d23a4d93a9b2ed1b6dfc63ff5e1d46cc600d80e764c7211988f9370322 |