Analysis Overview
Threat Level: Known bad
The file http://steamconnmuntiy.com/gift/id=8237689101 was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
Browser Information Discovery
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-08 04:42
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-08 04:42
Reported
2024-12-08 04:45
Platform
win11-20241007-en
Max time kernel
160s
Max time network
157s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
A potential corporate email address has been identified in the URL: [email protected]
Detected potential entity reuse from brand STEAM.
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133781065661972917" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamconnmuntiy.com/gift/id=8237689101
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffca7a2cc40,0x7ffca7a2cc4c,0x7ffca7a2cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1796,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1792 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1824,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1836 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2996,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3008 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3000,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3036 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=2980,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4268,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4664 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3260,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3324,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4028 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5072,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5020,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=212,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5132,i,7166777244601648281,11780370419070850007,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5128 /prefetch:8
Network
Files