Resubmissions

08-12-2024 04:42

241208-fbqxbatjh1 10

08-12-2024 04:32

241208-e6f5xssqd1 10

Analysis

  • max time kernel
    160s
  • max time network
    157s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    08-12-2024 04:42

General

  • Target

    http://steamconnmuntiy.com/gift/id=8237689101

Malware Config

Signatures

  • A potential corporate email address has been identified in the URL: [email protected]
  • A potential corporate email address has been identified in the URL: [email protected]
  • Detected potential entity reuse from brand STEAM.
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamconnmuntiy.com/gift/id=8237689101
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca7a2cc40,0x7ffca7a2cc4c,0x7ffca7a2cc58
      2⤵
        PID:344
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1796,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1792 /prefetch:2
        2⤵
          PID:1632
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1824,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1836 /prefetch:3
          2⤵
            PID:236
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8
            2⤵
              PID:1944
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2996,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3008 /prefetch:1
              2⤵
                PID:4320
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3000,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3036 /prefetch:1
                2⤵
                  PID:3116
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=2980,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:1
                  2⤵
                    PID:5044
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4268,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
                    2⤵
                      PID:4860
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3260,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3688 /prefetch:1
                      2⤵
                        PID:4388
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3324,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4028 /prefetch:1
                        2⤵
                          PID:3024
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5072,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:1
                          2⤵
                            PID:4200
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5020,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:1
                            2⤵
                              PID:5056
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=212,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:1
                              2⤵
                                PID:1052
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5132,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5128 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:2008
                            • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                              "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                              1⤵
                                PID:4784
                              • C:\Windows\system32\svchost.exe
                                C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                1⤵
                                  PID:1376

                                Network

                                MITRE ATT&CK Enterprise v15

                                Downloads

                                • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                  Filesize

                                  64KB

                                • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                  Filesize

                                  4B

                                • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                  Filesize

                                  1008B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                  Filesize

                                  649B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

                                  Filesize

                                  100KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

                                  Filesize

                                  43KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

                                  Filesize

                                  37KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                  Filesize

                                  7KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                  Filesize

                                  2B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  1KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  523B

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  10KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  228KB

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  228KB

                                • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                                  Filesize

                                  2B
