2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2024 14:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eicar_com.zip
Size

184B
MD5

6ce6f415d8475545be5ba114f208b0ff
SHA1

d27265074c9eac2e2122ed69294dbc4d7cce9141
SHA256

2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad
SHA512

d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

EICAR Anti-Malware test file 1 IoCs

resource	yara_rule
behavioral2/files/0x000b000000023ba1-4.dat	eicar_test_file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133778834524154828"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1852	chrome.exe
1852	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2016	7zFM.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	2016	7zFM.exe
Token: 35	2016	7zFM.exe
Token: SeSecurityPrivilege	2016	7zFM.exe
Token: SeSecurityPrivilege	2016	7zFM.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe
Token: SeShutdownPrivilege	1852	chrome.exe
Token: SeCreatePagefilePrivilege	1852	chrome.exe

Suspicious use of FindShellTrayWindow 30 IoCs

pid	Process
2016	7zFM.exe
2016	7zFM.exe
2016	7zFM.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe
1852	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2016	7zFM.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1852 wrote to memory of 2432	1852	chrome.exe	94
PID 1852 wrote to memory of 2432	1852	chrome.exe	94
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 3688	1852	chrome.exe	95
PID 1852 wrote to memory of 2996	1852	chrome.exe	96
PID 1852 wrote to memory of 2996	1852	chrome.exe	96
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97
PID 1852 wrote to memory of 1664	1852	chrome.exe	97

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\eicar_com.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:2016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffaedd2cc40,0x7ffaedd2cc4c,0x7ffaedd2cc58
  2⤵
  PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1892,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1880 /prefetch:2
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2172,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2364 /prefetch:3
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2212,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2588 /prefetch:8
  2⤵
  PID:1664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3200,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3308,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4620,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3744 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5080,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5068 /prefetch:8
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5136,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5108 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5172,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5008 /prefetch:8
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4784,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:8
  2⤵
  PID:4208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4564,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5516 /prefetch:2
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5520,i,3201253250347740021,13399036664794323023,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:4876

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4720

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2952

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
2e11e28e9ba03dc76898f856bf4acfb8

SHA1
b5cf9cee51d120696d449b32ed4d1a2a16e83fcb

SHA256
b033c4c88f8a3ba20a53d94f6803a18b8f1967472217221ddae7a6925acefc42

SHA512
cdfd6a72b541e11fbb5b2ba276e9c34ab3f7dae3c741a9beaea069c782add51e75a4bf024cdce7d3db07d2e220f124626cc0b52651c197bd1d6aa0983e4ef073

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.84.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c9e740605d89e31729206e734cbbc9d7

SHA1
491c35031adf5a94616866fc2bca27ca6592d997

SHA256
c458f46ff870b9a4aa3e48248750094410ab480f098daa7c435fda7641786b13

SHA512
87c97c11d8ad7d42b6204ef8792de95a5dd95231faa60406ad950d88049861cf6368ee1e41fa53ddacfb2edfa567ce72905ec1175263cdaf76e459fde552b459

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
c98e12be8da71b0c44f6bf76a08fba5f

SHA1
8700ea1532f3f395840a8d809e5c4e6958cc64a7

SHA256
c856bf0ad71dcb0b6f8ef5df59268aaaf0d34e72541cd14d73ff1f9e3ca5f411

SHA512
23966d116304b91e66a9b2a1e7a55c1c2add654cae4453e8da168cc454500e6124c10f7d18b844937bcc293b5e5ca2db5b22cf872f2a149265b2d2c22cf7b942

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a85a9ed1ccf80bdce8f64fcb215b7fad

SHA1
356838d8afccf8c95a1c62b5c82a346e4acf5ce8

SHA256
7f0144b8b9135e8c7b2337a70801dfe53298e9f549f937b428f55044003e7836

SHA512
cc9956e04e5bd6b66ff62794940fc0c63042e3ed335e3e10c82d0b6d919902328327e75a70613eef3137e254b7ce414320b29932f429df143e594d96863b1520

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a63990050b5b1f7169e360daad627f04

SHA1
1806889349ecdb0fd7f1543bc8c2bb41d99e2d52

SHA256
d9fa2f89ef97cd079f7c9e2f2a682ec78ae685801a7c2633cc0e7a79bf897593

SHA512
1e7230561471b850db2510263587698ec956377ef0a7f56aa929767c0817024ffef759f2dcc4b0dbf7b616c7e0ca26084e6acbe3f2d3011cc3d0ca1bb9933f61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9c90f6c534c9193bfb3c0676a9b9b85f

SHA1
f03bbf804a1f619e6012182ba31019d6143d5dcb

SHA256
d4a4717a4610d0ab77093e7c03491b59c9c0f759b7885e2c8a37fc25e5e14714

SHA512
4a235d3b7f26ca711f9f63af7c104db7b6fa8aa9e729775175f8bddb7f5970a08bc5e33b9a66dc01ff719f3ec1765b0a0bc581f2b83c051f4e84e4e639b4a95e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
35c23b46a41795bde7f3666c110130d4

SHA1
9c5157db643628f2f31fe078643b59e3747da4b1

SHA256
f1b127841277c5872bef4753050092b762147cd1422b620368723fd8537ee195

SHA512
badda91b0bddf45973fe807ce03f97055b12856779f73fbaf08638d66d15370182897ef88b12346861e999dace510167daec10b1ca3da75f668d4cb2cc0471ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
7889c4fc2e56baa8c7bc1d6b07690944

SHA1
5f4a2585e20d9404cf904371e4169aac7047c1c2

SHA256
a060915d5c8985ef12f895247c11f291b694dc799100178d1244dbdc359e61b9

SHA512
4cd253ff100c9635a480eb7d0b603d68dedd35fba636502244e88846654326c76c916ccc7c0c7d951cb650e99e576afa0d8ca2200dd091cdfc42967e04cc71f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
6dd9db86d409dd6a36b61eb1d62e9da8

SHA1
624a66216b3e3d4eba4eeec12522cb9de8a88e04

SHA256
4fffb3f030d96f873cef70d06d7db10e72657f055aee06979dffcd5638b0c2c1

SHA512
37a51de8789036f839952c11febeb1e9235b8a81db6cabc95ae2ca6b4b0645f2f6a0370ff603e3b908428d4752be263c910916e70e35466a7665e0a8785255f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e9dcd113-08f1-47bf-8832-9f9154a7419f.tmp

Filesize
9KB

MD5
b6db221c788962e3ea51fdb2cf866167

SHA1
f368fe4f20cf59f5ece06ddf279acc6ef93e22cf

SHA256
211929dc00268b67d10142499d0a35f95f57ab9d4fc185b3bb4c1b576ee33169

SHA512
24e4d81228d155ac57d957e8111246954c0bc7846a948700b47d71885f48e79c25375575218002b8101ba1ad01534c89b130969143fbdec8dcf99c00e4110db6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
5c144c6a304551e3171df05571428ac0

SHA1
1e60efd9e5a34c74ab6d513c7b3c430c0e93f619

SHA256
34a83178185180465c30f286dace94217eec7fc933ed2782d73ae43bedf85d87

SHA512
843ee69105b9170b9d5a4e80a8c7362000805aa84152e528aa3648f92d57865edb3334c3431e9a35549146fe1f6cac422dbd4762cade4e1ea5beeb3382dc9b18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
4b17814423f6ae5e29c69eff603e85f6

SHA1
4fc248867ef88050432458023cc20e4b5a91fbf1

SHA256
f71d6023343972dc472e41cfbeb09a430d15319e6d7152fdaeddc72dbb859380

SHA512
82382d5c714ea7acd67595595a0dcb7867c1aca6b8dd78e76c23d9214fbb9ac810f87ace461f41dba754a054b1f57f1ba5bbe0d0ebcf3e34655f878374561811

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zO0E752B58\eicar.com

Filesize
68B

MD5
44d88612fea8a8f36de82e1278abb02f

SHA1
3395856ce81f2b7382dee72602f798b642f14140

SHA256
275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f

SHA512
cc805d5fab1fd71a4ab352a9c533e65fb2d5b885518f4e565e68847223b8e6b85cb48f3afad842726d99239c9e36505c64b0dc9a061d9e507d833277ada336ab

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1852_352925654\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1852_352925654\c82b22bb-724d-40a3-967f-2ef775121fd9.tmp

Filesize
135KB

MD5
3f6f93c3dccd4a91c4eb25c7f6feb1c1

SHA1
9b73f46adfa1f4464929b408407e73d4535c6827

SHA256
19f05352cb4c6e231c1c000b6c8b7e9edcc1e8082caf46fff16b239d32aa7c9e

SHA512
d488fa67e3a29d0147e9eaf2eabc74d9a255f8470cf79a4aea60e3b3b5e48a3fcbc4fc3e9ce58dff8d7d0caa8ae749295f221e1fe1ba5d20deb2d97544a12ba4

Download Submit