hxxps://newsletter[.]api[.]simpplr[.]com/r?et=newsletter[.]link[.]clicked&u=hxxps://main[.]d20r0ia4y55vxn[.]amplifyapp[.]com/Khpxa&tenantId=00D8b0000028KoiEAE&newsletterId=e166297b-aa62-433f-8b90-5b2fb323bb62&userId=a0w8b00000JnH2lAAF&blockId=block-6dMGzSLLTa42b8nar5Xdx7&blockType=RichText&index=1&clickType=link

Analysis

max time kernel
300s
max time network
287s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
06-12-2024 08:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://newsletter.api.simpplr.com/r?et=newsletter.link.clicked&u=https://main.d20r0ia4y55vxn.amplifyapp.com/Khpxa&tenantId=00D8b0000028KoiEAE&newsletterId=e166297b-aa62-433f-8b90-5b2fb323bb62&userId=a0w8b00000JnH2lAAF&blockId=block-6dMGzSLLTa42b8nar5Xdx7&blockType=RichText&index=1&clickType=link

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133779481800865267"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
408	chrome.exe
408	chrome.exe
3260	chrome.exe
3260	chrome.exe
3260	chrome.exe
3260	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe
Token: SeShutdownPrivilege	408	chrome.exe
Token: SeCreatePagefilePrivilege	408	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe
408	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 408 wrote to memory of 3680	408	chrome.exe	80
PID 408 wrote to memory of 3680	408	chrome.exe	80
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2612	408	chrome.exe	81
PID 408 wrote to memory of 2512	408	chrome.exe	82
PID 408 wrote to memory of 2512	408	chrome.exe	82
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83
PID 408 wrote to memory of 1704	408	chrome.exe	83

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://newsletter.api.simpplr.com/r?et=newsletter.link.clicked&u=https://main.d20r0ia4y55vxn.amplifyapp.com/Khpxa&tenantId=00D8b0000028KoiEAE&newsletterId=e166297b-aa62-433f-8b90-5b2fb323bb62&userId=a0w8b00000JnH2lAAF&blockId=block-6dMGzSLLTa42b8nar5Xdx7&blockType=RichText&index=1&clickType=link
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ffa7f7ccc40,0x7ffa7f7ccc4c,0x7ffa7f7ccc58
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1908,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1904 /prefetch:2
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2124,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2244,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  PID:1704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3112,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3120,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3700,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3116 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3696,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4636,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5060,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4888,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4936 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3308,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4668 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4952,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4756,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4412 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3192,i,11466156518506882395,3100489149619455569,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3260

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3936

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2428

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
8a136eab82fb31f3623c415393a2cb9c

SHA1
7032b6d7f51843b3db087ef6155c971c0715f905

SHA256
ece4b0ca39c2d06c8476e2a5cea089efe386045d5cb0d85860ccd4d37e9b18c7

SHA512
59685180fd747721cd441bde468170fe1449975be9dd15826bc770aec0d32babb4e5bb7325104f0316a6c24760bc6c408197a671f0b05960c42267a01b128a16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
432B

MD5
24567bab35c839852257870665336115

SHA1
778b95a63ef76009dcaf7e0cfe497a59bb941529

SHA256
95ddfa79185ff6f420252e0a69c495cc5173b58c162e9d1759ed40810ff58b5c

SHA512
3788b706971a72168f016513ffbac6a663db7a9d0f1a8bd6305be152b382ff6af4e43330c9c6ab01c419fe86468fc0c7e9df8856ed72754beae74e65e86d7b80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
a839f4da0440425d09433f86d66c258a

SHA1
c3ceceaabae7d70f4f847e2715c9407116937150

SHA256
b38f1645e548a7380f48a8018200551338d3172f7679115b4d403db59908c3c0

SHA512
d0794271190d2aac17e31a646c4b7ba2e8236520299c2b4207b414a63187e72121039e0b0c1051a8cd27ec2bc6d9ae639af7679ef7f27e36ecaa59187ba6f73e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
837c2666f102d4c4e16ff96353e97a29

SHA1
f15d12cb7c90d1cfa96b9d6116b62ed1a9ddcfa3

SHA256
8a2227bcc45862aff77318c5e78a5d7301cb7b8c67bc5163cdbb38eca21cf4a7

SHA512
60bed14fd59593d2bc30e9295ce3d37230489f13dd4641c6928566ecc28da8d222cf09f8cff99e180f42b26d38e4f3cf587d0d93ab67789240550f97378ca409

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ed488b1e8c011deaf1f6e417948960de

SHA1
3145da94dc54a0461bcfbf67b86f58d1c49d6af2

SHA256
c543c0a29a818fd6f49d8043d44a92dd95bac5b61a6ca7890fedb8ab1fabe52d

SHA512
707078caca59ccead693d1d9a39a7eceaac793ec4122856fccdd6445ff8bf0efcde8c824554e943b386d12777cb13e22117963ceb8846d9a3ccef58027b66937

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9a3673c01f111ccd43047b5b40e910b1

SHA1
a6e0fb0cd1603d4fad16ecdb921687c76c119448

SHA256
d6ff6e3ef5ca8d6d041d28b940ded5a69f69768f9ee9def4d9712594e83a03f4

SHA512
eb10a73b0db908bcd57544553e3729ac022651138c0fb81d539cdd36e29ae689729fc3678b47814caa8eb53b8e51edd83b74315045ea72a0b2ccd4b17c4f1671

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1de7b07d197dfca077004aadc237af7a

SHA1
4ffc13f65f253d942dfd4e8dd5a1affc1c4d7049

SHA256
b8d604551323b1493b4b0c9dd5bc3e9698fe883fe4a7edc64e6f8b9b72837b84

SHA512
1da2e8237cc228b7cfb2f5441ea5056e547dfb8648a7b8de7a15057289ab1e99f6415711ba0c374f40beeed82f0ffa524a12c313d8e12f20ac4ecb2e07614d65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a1d471bef89278e9f5bee19921ab56ab

SHA1
6cec5a539d4016673bb067afee86dae38e05a668

SHA256
b9ff51d37cba8df8f01419fe614b71d190469215b5a939e5d285a38adc797b35

SHA512
f6f736cd790b449291018f98fec4c5c8551c648e80896cbc4723a6d3f41291bd9ff238d4e5c822f20ebaf3a179fc96feb039f936b951761775620baf16136a9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
33f9a8552fdb6d44048f04b0251954d3

SHA1
66924484b266ec3cb71c25435bf02732022e88a3

SHA256
ddc9756933db74cc2d2bbfd1e1c215850fdd665ab02b74f668605afbc9ab603a

SHA512
d952055375fd8dd0fc058a488dc277c19365d8b99ff187a17f1331c668fc244e94f47ec1aa845082e98a7211524389171b0f68ddf65049c84b27d05617deff3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2436875de34e5942aa118b70b376bec7

SHA1
e1fc9d0633c48e3168531acc61286c28daadf1ac

SHA256
353040c9faed31a5264ccdb8be3d7e762b5c955be644148fdbaae65cff87ac3f

SHA512
e7d2b5c386b772316c95dc7c786a3e3ae95eeb35fc6538ed3f68ac4e82db12422b667e094f52d9c417e75e4e3019e6a2506420a2a015ef02b58eac2bfb594860

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
156813a7fb0391c4271ed2606520ff0f

SHA1
2b4434fc91c575554bb88d9bf47b63b4818774d5

SHA256
c3e5b20f7cbf276f2468f476928b6d0b9e746f0801a3c622baedf20a76f723c9

SHA512
427d6006af16b5aeea43e7bd0eb54975244ad8e30fff5478593e883798c84973418fa3b743c8c3827868fa67c504e7f67137fc2cf13f93f0d64740eefb183cfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d24ed361a5ed3bb87051f31bd80054a3

SHA1
5e78ee4b985ec3d661dab4edee7d03f16b56858d

SHA256
1ca1edb741f08a6772f5475c994a4bac99c2f0e77abe06a94378aad420122507

SHA512
a7578341b1e143fac3d1290c02d288ef0e379b90202aa52f70a6b6c59b4e16df6112d5776a5bb5c5a9b2ef61ad976e61862ac238498b84b4c84338043066e38e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
07b0841f5b027f0c2da3a4a8e1df30bb

SHA1
d63184355d4278e9c2ae09876a9d2fe48def415a

SHA256
0c9fa26435e4ed24c6120343b4bdd06159a400d703931842499778f5687492d9

SHA512
8f7f1b834184959db18a696455d21bc73adc4bf94932d4c757c8b30ae2b78901e152fe22b74ddbdd46efd36f66ea4ed2f2d35f6f47f40aebf022144986728905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4e26e308985f4f2a80655b5cd5ecf46a

SHA1
39c514bece2127959f585125a9fc0659715355b5

SHA256
7fb5bb54fb8f702bc67cab0ff93044a179ce47ef023d5a6310d93083039d7cfd

SHA512
f28083ba1197793b436d00633378062de0bcf30a9adcf6977ce7bf4c9dc98067c793c33348f0be7964eb1d5f1562d01caa96848a6ff2a469b57c825050cf2ea8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1ec3b253fa3a897bc3a215655eea27b5

SHA1
ca67ebe70f6294703231a1aed662d77261b34bb1

SHA256
0d9c3c0054b36dba4ad0507d2ba09ce0529b72997315752a6b9490d4af71e47e

SHA512
934027b175368aba5d6d0ecaf47679f25b83bc1322e456a5f084dd94d56196783ba284805986ccb91326fcbedc55545bd65637a7dd0edeb60e7f7c6c20a37c9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0ee42edfea2622474d415a3f1be4bf08

SHA1
1c263fc1a140a20cbbb3e3628fbb73f546cf0166

SHA256
69897f083d37e57ffd6f59ca766c750ee15be610d40c4d325f0b29cf6e08aae4

SHA512
099052d2dcd654cf22cdd2ae5f85cb130379bf0463d1464b63b39352f2156f1604211055b6f13dc285ea2d44a879347f5842a655210b3d9a8c01f6c569f262f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7af41210ceb48068c7b36ab17c475320

SHA1
e4958b452c02aed495628dc02fd8041cbf4d7455

SHA256
52a28fd84695ed4bbf572aefa93a5d2a7beb5cd8553de1d976fcb4b78fd6db2c

SHA512
44a4fb9131c703871d5deac2b80f91d9e8f53ebbcc1a07f1762369625272ec1708745577b36f8c76e1d9f8e1c31a9f0fd339c2aa37c3b76d4f69c96956fa32bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f2fb31adc2af13da93f26848ff294f78

SHA1
ade52eb44dccf7974a47901d5470a7d4644b4ab7

SHA256
99b2afdec245613e085bbbdfa08eb5493d3a5f7ed5d5373232eaaff29d46f2f6

SHA512
922462c64a0a21dba4af8f51daa572ada94e8e785200cc9a4c27add530a0b52ea6ecb712ccb13eaf75ebcdf6efd412b6ed0e327d74dfc6ade69cfac1c7f52100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fc15fe04ee8e74117d4c4bdde2913204

SHA1
78ea6f5b124f92621dc7a1545f49520b5196a210

SHA256
eefb5306fcb0dc2c624d531b5f25c34d51bd7d40d6f6042f4dcadc3d8f43622c

SHA512
4e9827e201ab49d4e5e0eca64a25fafc78dcf2208a17ff1c5fa4217feb665933b88620a08b86fa8c8578d06ac99b31030dce7d37749ab10dd1d6933b0c0aebf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1d032c017f21981346eaadc3c4757cd7

SHA1
5313e06aab068cdd09279c2526dfd2ffbd7f280a

SHA256
e80de2206743c79982f6b29a93149b957d21de36b0024e13b123546d8bee3792

SHA512
7f65752e288e121930e511492335ffddf3a065484bbccdc711204248dde791d86dd09c088a6f3a34631349ee6fad479886d70a507e912c62f2d7063a40b65cbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
bd546fddee1900125d96327bd8ae51a2

SHA1
bd609958a56975632f5374cc28cd0450bbfaadb0

SHA256
3e82744184244ff28484e978c72860fede35463ee90435f0738c86d0ba18d4a6

SHA512
cc41f94fcf07244128ffa30298275adc95deffdf162682eb3b17ef7288634625f47b8b2af578184fa406b2a590d4ad6afc09746b7a2cdbe6c5cd28f5a88e23a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b6e267943858755e17acd43d02ef66e5

SHA1
edad78905bf9c6eb83a49fad9089dad056d60ca7

SHA256
15785d3e89389e2ab722a0ea7c08ac3b390331016a40439f8834c09cf080c152

SHA512
eb4433c6c5139a76ff9086258540ed615185d6795d3ffbac41de60fef401e783a471119c145c26adc9f93b8bb8ed801e552c8554e1b6b57dcf70457ec8dcd0c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f03737822adb9aa504313140884a8b13

SHA1
b1e6602aa22b94b1a4a225a0528a5351dd5da20b

SHA256
6f77d8597c3eafe775c54594fe3a529209018a778d62430bba21cc8a1bf65040

SHA512
9f830f7dc70f08f45deff6bef18870db577cc0b5dc7e5d0403ee78871116af6c020817294fde719a7315913e1af878f330f614f3df385651ad10c6b6098d2e6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b664ccee4d6624064302e81f37b77068

SHA1
2613e60d444e51288b914b36404cb3d5cb80ad85

SHA256
c86ee2c6481e5917e21a8ecddc8f8a5c0cc3d416dd7eab48c07ff20f3ffdb3c6

SHA512
cfc0634b4ea2d7ca4fdec8c485e25ddf990a7285f98bb141b06a4f16d20c912393bcca756b3b1261cd6014f01b9daf3170cda23400361a52c645e273e9003491

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8a9f9d694dec4146d7bbac1349ceab60

SHA1
92f7fcd9284f6bf2b5a57d4f174488d52111d671

SHA256
0d6849251442bc446fc03e5b7487cd7f9456e1780f804d7608c6da305913bdab

SHA512
f15ecfc915870c785191b3c042467353840761b794a1afc153382abe93a39d58aef06d8d3e4c1a8a145155b461f21022fbca4b2602552581c7e8f65853fc28c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
5ce1e0e9ecda7a48d8d555eda36ad654

SHA1
745cdf91727a1507721d51ffa975b9ee84ddc739

SHA256
313a70870cdfe755ca5080eb4b73790bc5252136b0f886f006c83eb151914cb2

SHA512
949ef79d7de3c297c5c8b63ed85b1b1fd2481d72250cb052ed4615f57993140b867b576def22710031ca5110233230e1745b1d831fa32fe8ed513c02fe331bab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
1f5390299ff467e9649e6f11831b7f75

SHA1
95d4c526d01f3318248eb126b567f6095d75b73d

SHA256
0ffdacdc28a059d157ff5599266c22c39774f178c0f281b34aa7e9fb139c04d6

SHA512
97245351d36ac09d5913ea3054408bf26d7f9c31558e6ecff47842c4ff5b7261ac7ef5e2f0e8637be76077515bf50a038a7e06e11292ff4051d8bf287a69d561

Download Submit