hxxp://youtube[.]com

Analysis

max time kernel
261s
max time network
262s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
10/12/2024, 18:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://youtube.com

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 4 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags	chrome.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	chrome.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133783277671145835"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3870231897-2573482396-1083937135-1000\{1C3446C6-4BB7-48D2-A084-C246BC1F2FED}	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
5728	chrome.exe
5728	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe
2140	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs

pid	Process
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: 33	4980	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4980	AUDIODG.EXE
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe
Token: SeShutdownPrivilege	5728	chrome.exe
Token: SeCreatePagefilePrivilege	5728	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe
5728	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5728 wrote to memory of 2840	5728	chrome.exe	77
PID 5728 wrote to memory of 2840	5728	chrome.exe	77
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 2768	5728	chrome.exe	78
PID 5728 wrote to memory of 3196	5728	chrome.exe	79
PID 5728 wrote to memory of 3196	5728	chrome.exe	79
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80
PID 5728 wrote to memory of 3980	5728	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://youtube.com
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffac108cc40,0x7ffac108cc4c,0x7ffac108cc58
  2⤵
  PID:2840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1572,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1928 /prefetch:2
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1716,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1956 /prefetch:3
  2⤵
  PID:3196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2172,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2184 /prefetch:8
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3016,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3036 /prefetch:1
  2⤵
  PID:2540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3020,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3060 /prefetch:1
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3004,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:1172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4364,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3044 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4600,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4588 /prefetch:8
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4772,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4776 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5012,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4892 /prefetch:8
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5156,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5180 /prefetch:8
  2⤵
  PID:908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5252,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4712,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3524,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:5868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5384,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=3160,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3044,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4848 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5308,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3476,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4440 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5188,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:1
  2⤵
  PID:396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5280,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5272,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:1504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5832,i,14556612403882222803,13038664007313775128,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4848 /prefetch:1
  2⤵
  PID:4532

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4052

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004C8
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4980

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1800

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5a92124a3e64f2edbcea8910b9926e5c

SHA1
366348e370b7bd9e7574e4ec232ff338e5a4699c

SHA256
ab9435c36e2c8607db25f7e0654bf92221a64e92deb7e44cc99ad74be2b70036

SHA512
e2adac6218acf370dc566a2e527c5879de13f20c9f8d8ff1d26e0b3c703944605aa7ebb13f7909279314b5d79bec86a4ddc15d85e217458284338a2088cde846

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
6dc18fdede2f8d3a42117d6745bebca4

SHA1
83937decf9c73e2308a4f19863b6c39f1ffcfebb

SHA256
ebc3eb36e1170c5baf3fe62bd1436eee93393982984fe7e091234fbccd84d1bb

SHA512
c0c2d6dd45dc15fafb8c3dc987f4cc614f302eca5fd87ecf8ba871e6b3f62887c93787a888857e67c6c2a590308bfabf8a09141c368619f58809a7361576f1c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b0f49e5926f7d90828f1ec26aaaab678

SHA1
18dc3a0c50c88555b6392094e249be7a2ac82725

SHA256
6d85ddf3ae215d848f10472286ccd894bda0167caa424ee0fc9bf3f54a4ba35a

SHA512
67067afd97fd7cb2ace54717f6ab02f16b7f395909d1a30333bc693a8693d0f01cd1014600d5842c56e0e68bf75ee34be62be5602606e4e0b4c506b76a63b1fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
57d915bac09bcaa78562a636305e5df6

SHA1
9775bad7fe2c61f7bd4124ea4eca3ba98641541a

SHA256
826e3c05488029ffc5c9a6205d34cdf5b1517a05e72ba1a2da210e5bf2d7bb29

SHA512
2ebf6209fccde7b417e50c2d05d3aa7dd2e8217c8f5644c54ea7c4766b72c64d952d4b6dc92f3ae49b80cfc49376992b859ddf77437444cfbb438c9a080f33a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
ae85287a31de06eb131ddea0c1b72cbd

SHA1
3fd6020986e46c0fd774450eb4eec4a3834d69dd

SHA256
541a3a874c98c258765947347ab943c3bec5f9e1f0a0d2691bddd4654a72b740

SHA512
a153d64b72fd762c1096e879a0c2796c3af9a6fe3cb117afe9f148979cda38e09dcf6e11a9fb56cae33c7b15b69816180fa25491bb25dad797063eb2f4ec76e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
05290b2704a5eb2040f4eccc518da9b4

SHA1
1285af7f11993fcc8abcbd1bc26dcf3a80a9c7b8

SHA256
edf15025b952b9ecbec3219993ec78244bdee23b209802c56cd10425e285d6d9

SHA512
9e300d1746996e729861efda3294426df893d6d69ee76182343cf502dd105d6e0a6d88d508704c878641e2aa76e8f6e587e9e00c6832453ff6c167e9b20f8870

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
d3dc1ff3aefcbf4368a8cc8363d66466

SHA1
78ab2a6d9d925fac52d8a8474c88967cecb26d55

SHA256
7f2bd176cd473bb20414b3aea3b312df410134c5d62f74ab7c6a2e51f4ebecfb

SHA512
c32e66521358a7eec3d3a54899c62c13b917f04dddca6ed68db3826ecc510273b77a937b5ee9b343575f2a7b3afa22a09702b29592c42033eac97808aece6906

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
12KB

MD5
1fdde58ca9652897bc1bedee344ae8c2

SHA1
718b27a7aa946132c918137c49d639ba0d3a7771

SHA256
8223072728ef0dcc99d3c752c4130acbb715d1462af5547714863001a280d416

SHA512
f08cad381cfc9779d4968dbba690bf8bec174d6c1d7f7e45adeb3cecbd9640bbf5c22b25b2800fd37482c2c2642e0b003eaa7bcbba52e76694c2e2e969864c1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
1ddb6869c83d12354a1df2e500102f34

SHA1
e0d1a08551a79bec888d84f3b9d187ab707a714d

SHA256
9234ceaf1a7a736a6a5f13aaa2b0760c7d44c22c6608a52e2d9d2599b29d871c

SHA512
ed9e5d85f9dddef3c1d8dcc23d921ea19bec2f38059cf20829061f7494e6d90d855abd488a7684a6d790c4090f4ef240a27c0a9e3995aff94b197fb105f3883e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
cc79de42623efdf4784f801a963b54d2

SHA1
ce54379de4cf59a140f576c925686c6df335b184

SHA256
997006481df3ece770f6c0f27d757af6b2b51d9f00493a70747bf93e0f806c54

SHA512
2daf900205ed9f5a43edf46e12143fb4f863441f116d659a265332ebb97e85630135f7ad4a7a13753fbb31f9a00a313f528a3e47f8af0107ecb9898e649a19a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e362e1aeedbe33c1fb5e8f761c39b0f3

SHA1
5a3f697410d9247a2ecd3beff6246ce92b036330

SHA256
d9c0f4499b89f86c4cea7975b88350eea27200026f18672edc82afb51a62ecae

SHA512
1917edc3ed2a337636bb57c7fd4536aa648a43fe505364a16f8b48722237f68e11ced00b991c0b637feab2cababde39ad192109c088dc2a0e69239c969aef541

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0d5172ac97e13b4c654d7afbb485c9d1

SHA1
dbc22553a078435ca30a2ea0f904a25c1d655ed7

SHA256
52d1d4e3ab27451655a019d388dec0ba523ff23c70287ff5a733f8fa97ee360d

SHA512
bea015c10b09e167a943622e7e538b41d134fbb6f0ecbe44bb6f64bab44e60b3381a5eb5d3fa543ed62efba08b7e93e7ac89630cd024cc39eef3d4593a81417e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
e2debb7ea5132a2a09c9e8bc3675b18b

SHA1
c347297a38ff2ae75e9c943c83a9c32861c4c148

SHA256
5b41d80c3c7dda903618331b4be7b320c67f2b9c9342e4fff7f280d5bcb6639a

SHA512
485241ea55bf3a6c533be5dd77339808c8b76cc0c0a045982481a2fb2b214bb7a25ca615d11bbc42a6c2b8d9a9693105851d17f2b64f13090dc0c1fb93200fea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
3363fd1c8cb243265a47a10f0f8b2cdf

SHA1
9dacab9ed870539d4601e1515ec1efd8b12d9ae3

SHA256
d2ca6bf2941f7c26e8d2e2fb97ab62ea4edfe825461fe1389e89ff1474bd363e

SHA512
7d0c2a187353768872d72dd7583c110c00c5ee3d90be1ed49c1eaa2d158a718b15e220379e35b4a1e72b5f1eb00c7388eed57b2d2b09caac52deb80e564fa840

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bdc76bfad2644135a651dfbb03782d70

SHA1
949fcdc45fe426a8a520866885bce818f1bfb199

SHA256
5cc1551849f9508bd574899062f9f7b7dee1f17a7bda877d559ba9a4e19893c9

SHA512
3d50d3ddcfcd340cf129bbebf73228c350dc062813ae0917bb0764ccac4493f7c3afe3065c7e2ab8687e67c79db3108b5c59932d9ba1e2f10947d4f6e0e92eff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
073113abc7b89fc0fc36e6b2e7804036

SHA1
d9777f05da264657042b048dd42b40e8f519e5bb

SHA256
63df19bc7b4dc99d0bbc60683df9686af3ad38bd076e8a2d1e72a163efcb83eb

SHA512
5dd331f5cfa1c88fbb01c8dc54e74bce573b7173512228da7d3dbecced3abb4e9f2ecb230670e0cda1e0e46d76060826a6336d2afc7c895e0f81e60b36a41df2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
d8f75283835c2cf0e30437d1280c3906

SHA1
a75eebbd7c979540e7aa0f9259bd9990f1aa1bde

SHA256
568b0f9d62a280e45d3ce7407473ba2833268a037f42bbfa14fd36d7d6931dde

SHA512
796a9d552b545b79f7a2bbd4754c178dc141655f0766b2ddcb52324e97e316f66a58e72cd42d55d15bda70f6db16cefc34a7ac7da781da8191b587879629b5ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
880ba018a5abbaead2eba5977ebfacc7

SHA1
5d5a62b66a399f76b37459faf590c3ee072e1949

SHA256
e98e64bf3844315cf7be912b34f3b22c9f507bc50109b060b25e0b2c548bd4b0

SHA512
dd7ce42c8f8dc5057ac66ad9464708eda8788b5b2e820a0c60bd90042b5d16cbf30b92697be737787a2629d8ea5906d60a1d6c6304a41aa139b29c9783b7958a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
5c8f7792e860da4a24c8bdd204334490

SHA1
4d70f328963cb45d1b51599182ce828036c06b95

SHA256
0e221a14fe60ea5fc9af23cf3f933dc864aecf605c4d6f6b39c016252cd887a4

SHA512
49bffc271bc8a43539010b553cd42806f76054c7c5a66421473737c34dbe06c34f44f5f19223dc9ea1ccb6bd5cf17e59af3a0f63ce993bc89a2e8499651052af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
25a03bdd8c5d226179931470d8902e11

SHA1
e67cbc46b7b8675920a972394c652f16153d9b7e

SHA256
1df00d5bfd2383fcaab9ccbccd5ab3d35ff9285f8dbbca05c531b5368b0a80e2

SHA512
00ff5067e2e399579146ef648c2888aa207da5d154e4b348ef84c752c4e6041b796015c7c05acb3011eee1cf432ab27f333fa377b0b79d1abcee52ffd134c98e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
14ff248f90d94048ced6f67718e27336

SHA1
0a9aaea5af10993c858965095ea281b99707eece

SHA256
65abe9af0ef0fa32694a60d9df35c24a1c774df41def5c9c6de156d2695eb9ee

SHA512
00903ef3938a75224823e690c901c8ccbb83106f3cdac6fac318fb6a8da4ea8235d98c1137f44c6c018c41590c421cd39976765ad1892133f1bcb29798427ab1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
529dd0fd3ca7c31dde155daaca2d289f

SHA1
c709a06b63b5d8fbda699342e859e6e847307b61

SHA256
557a427621d3631d12b43c54da1bdc1847ecabb6228c82bac773508e67cf17d3

SHA512
209af0aaa2a4971633ba72bc32182196b60c7571d3c218a7d7da68e121005cb06f3500d93e1fcbfd8acbbf202588edce0afecf0437542202bf6141dbe5bcd8a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0edea261ba27ebfa18fafa25dc4c212b

SHA1
445ae4b2d256c763a8290f1cddb756d6863f32bc

SHA256
31e4d4847e5a2f3f56a5a807cd296ed07b427cff82fddd116dc1c5f1ce6354d3

SHA512
94846ee53e70ba3250cf027380e43b4ed7ce892ef838db5f6acd9cfaf7dd57a5f0cf2b5867c93cbe5e9f0626083a9ac1347e4733e237b04906fc591873c73810

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
cffac00a9723659d5db6dc9ba859ac09

SHA1
d4acd73dd3b5593acb6ee0b17f91ca0d29856452

SHA256
f3f7fea25aa24f43b04f540dc407953d83f851f5bbead884199c30f4a8e10fa1

SHA512
ba1ce7197aa38fe86b53bb8b9da8bc12f0a65457bbcb408b779647f3ca927df293a3935fb53b0a8d08d7e636b571f67ccc182601273038c75fb64d75bfb05821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
f364c91464923c48cd7c812da3aae6cd

SHA1
880e2952f953f89f50ed8ebd04f4755fa9c070e8

SHA256
aef7f0eb67eb4404e8defd09d3f99c0f03927b3432d36ce0ffd4eaf69b7b5ccd

SHA512
ca3aeee541de3fe71f131534406515ea9083f592c033f779418e3d01cb2c578b3da901112f5bfded22546a8d41a7ac5ce818c3d67638b87cf1166f792b8684ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
179651b194cd5bd61a09fa5f4bd6c9d1

SHA1
f9b6c69884ebcb52c82fc5a90a4c653100205d30

SHA256
5514ed3fca5f1099e6cf67f2369591d07f26e0640a60283562089f09570bcd61

SHA512
5bf52849d3b545e7118f17ec7de787ac2353bf7e52d6b7fb64fe03264f73a0b03530ceb389b0d4a86950b5557ddac1498da3a0b6fa27e0999a4c6a069d8db843

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3c988b8ea5cc4efcdc15657566a06c72

SHA1
d9ba639aa8a8f6a48e59dd2d211ed3db93fbfb80

SHA256
6aa23b924ebc65fb2e5cb83d0dd28235bc6f8e4562e434ee7f446c6b60413a31

SHA512
47ee46d0166f22ca76ea844d07a73325add7590b89e427297a35eeef7974a3bb3ccb6d5a99000b22c7885dfe66123f4d441452a7cd96ceeaa030467d02da93e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8861b72df431f8f778a964ba89942254

SHA1
559ecd8d61eeff02afb6e980211b865ebb4ffc1e

SHA256
fbf8784e24cbcddbde859240e5efcc3ab96c124fbfad89635c52b4a41a4bac23

SHA512
0ee480888b37b7d48d3e9ff28bf91b7d00bd5bde78c4d8d36d4d83e8fb3e824b1b1ce779e488fa240eb6d70177834c87fb02f55345cdaf6ea71db17f7049b468

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
ddf5e97ec968bbf21880a2cae33f7607

SHA1
2243f552db6aa51898667033d8feef5038ab175f

SHA256
00e3ba512c001a2d7793bb88d03943f09523bb1b31f165b1ec982a1a5ca406ff

SHA512
ae0856f098d684334a5589739fee0eb57490f6d5310232cb27405cc723a5cf3c74985b5497af7a4a8762b0c23d3c43e78a6193cf201e3034df35172b85816cda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
67911a7196193e7c6f7904a0b761ae3f

SHA1
46b3ab7719bb1741391b9c25dc6529b69dd0c5c1

SHA256
368b58f88b56d2c69f391a45a50131fc8ad8f9893d57f0f14489715545c21ab5

SHA512
8811a8c6c50e6b6d9af3343490828a1d4c16d4b149ad18066b4a2c2d5d5dd79d1cf4dce9557e119c0298180d352a6b38ef7e0df5ca7a88ba77df80be9f7b862b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
5fbd0243989d663a75f0ed540b845bb0

SHA1
1d6b1a7e53480adf275f4241ae92ea9581625b9b

SHA256
d2a05c456f574201cc4b8d8da18ba83149aa370611faf1f49da89f1527affb48

SHA512
83db901a4472aae443686c4b8ef1d1a16fdb02681bcbb4fbc3bd04fce4064f4b1a3fb59ed241171948039013137023d0966c81c5d448135fdb5c4d3208ccb3a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3bef546ae5ba897101b93278fbaae8c9

SHA1
6a989b7451a6bd32304893ba5e3c402aa5ee9a68

SHA256
0706dae4744783325163440e5eb51ef2d3df024304e7d86c95d71363b473e04b

SHA512
65e7da3a148173a62bde92c6740fe3fa758fa29b125a36e9baec9fd45799b3b20e93b8bc099b94642c8eb3f8ec53cee9c564522fd04741a2bb2c648020b2fa7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a1327dced6d8c7956ef0891b0894d1da

SHA1
6a2fcdcd6bcf780d6213a0f37dccc5e49731c699

SHA256
b88423aff1376c49cc7cba4ea8cb746aa7c0c3f3c9d991ef5579bc00cc59239e

SHA512
591a08e9c614e9024fdc7eeba63f5a2b93c72d3a48b8b15905275935858779d3aab23ef1e1a21d65ee9e73937a3006b98db1a1e0d06e1fd47a160b64eed95679

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
6e12bf05b45d941dce9675ec2237d2d4

SHA1
cf0893f52dad5ad5ebbdc5a810f842b2bfd5d168

SHA256
2ff8b7e3bcb2c69c8b70d98174ad1e8aaa107b55018bad39e814c45b5a4c91a5

SHA512
552a31b7bb9aa3e1747667f12d3df3209f38239bc8345833eeeb140175e51ce0d9b5b17cd5bb2cf649cbc563839a98f8b53c81254b7cf73f9eac247c1636dcb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d3e9035754095c030ee767fb80f2d519

SHA1
44ad5a553f7dbd6ad9be585c397e4db3aecee6d0

SHA256
b7f6642f7a5b167a17c4f0a549e09f69e647872ae83e73a27bd3b2e5ab2662f5

SHA512
1f73d89ef732ecb1e80a12d2970fcbc243094e261b6f2a076c065927c0932b6df7599766dfb5688bb4db3a73b84d58400e85f093c7d4b025cd01a2ddb77e4744

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f3b2f37f576bab200bcec3927aea3cc9

SHA1
dd9a616a5c026bf1830e7f031f9e5016e7b8e733

SHA256
6ad3e8e0d04e737cfd95d707567815c2c9359a3c2db7bf0a3b75cd204e274809

SHA512
a5fd7c3ab6ef693c14cc3df3cf0d3e02e741c818efc910c5e6762d3683e3515a7f4ff632381b3f06ec70f3e667e729c10cd29d70cc79daed2a6504023ddf061d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6084a854e862ac5cd8209f2d55d2b1e2

SHA1
1f5ca54c5662390b378dacc84a80553a770308d9

SHA256
c8d9e1254c6aa81cdeb9156746e48709fab21aaa42d2ae0d0543ead663e751f8

SHA512
6dfe257def9e0cf4ac5270c4b38f2d6c338815a671510dda17d020f53e8d7b8c9d5cc39d139f525eaba7dc2e31ac83674bfe1c3bafe2f7f72600c7c0b11caac6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\662ee204-3c2a-457a-aec1-7128c8f23466\index-dir\the-real-index

Filesize
2KB

MD5
6db4b51dc19a8ac6dbbcfce30b4a64cf

SHA1
394b739d6029657ae6c422effe7ed360699cf988

SHA256
2096f4ea17d42dc998fd1a9e0bc625a019836d39babaa856d8dcbd90ff99d21d

SHA512
0664a0bd6cb71e0284e6a559359f9f1a992f1a2fb68b22b5b83869611a1ab26a3ff5a5fbf6e2b860b41cd6a31424578c8659d92ef4aecb34ae37ec64d601acc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\662ee204-3c2a-457a-aec1-7128c8f23466\index-dir\the-real-index~RFe57d736.TMP

Filesize
48B

MD5
f88dc55076e6b3e613f448a5de129b47

SHA1
484f6075126e04dbc67964ded5c69331298b38f1

SHA256
64e9d8a3a768500acf7441262e72cb8929a9dbd2cfd44fd74352526f6d7519c8

SHA512
1009eb3b37a732b7addd128b5df6ae8a41fd1c9205eabf619c9af3a424c6109d73baa8d1298c2a6ec7712622e80925a2efc2233998ff3e5384942674cf854dba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
5cb109bde10be8911818cb5bb487ead2

SHA1
4d71b6f081630a5ca3935208b9e4c72763654273

SHA256
b1d2726a7bf1569a6bad3595817233fa411daa5cf71b9f3ac8a807fe1f8232d9

SHA512
da401469924eebcada174e1c909f78d5f1f677a8ec3d5639707816f1a09324e19b10f0badb313015cf24d5ed999ded7ddbffa3c046c0c6a0a8095ee2a594f4b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
cb7bd0163430a33afd40229704c2e2c9

SHA1
f576b2717327a4729a4020a2e439eb9179db16fe

SHA256
f644e4e6fdd4ee1df7c9d1332698475f5dd3fbcb0794fa462ac61a39f1856167

SHA512
a97337bbf79f593649dbe20d08c51aa74fda6a7d763f8538cffa1ef157864f785e73ad5d2f2cf68d87be03050b40ed23f48f1ffd4b53e1e466e5c6ec077bc168

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
f5119628e649a049dea20a15a405af35

SHA1
616dcdb6530118dc719277d6f4041d815b6ff585

SHA256
aae9af2885e41f2af76bdf5859efb27505476cac8371f216b54bdc55142af4a1

SHA512
32bebed6f29b2b91850d9b428b5f2f1e758930a9a8d9e885a5aba619b5e9c258fb4909c598de58150c9c13de844aabb2b9afaa80fe086e4b7bbc08a5c28714da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57b19d.TMP

Filesize
119B

MD5
78242b270ddd926e534071c56d59f9b3

SHA1
394f93921c68593fda5ea66d7a28fd479550f3ae

SHA256
c5a43e52d94143d8524cb175ba4415907f072447b601746dbfb1ce4bea61acd2

SHA512
2d924b5ddd7dfe46d380b98b6b6253781d0d1dfd73d3cb681d54313156f8e3a17cbc9cd196ff851ac83be0b1893fce9f639394363e4d5e40a7fc33126da166ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
b9bf417af916fd79d25d3b9dda89aaba

SHA1
66e26c274e4cb28eea417c21ab3b12dedb059dc6

SHA256
9f0965d06aabe5d708e242e39e858dfa78c07e23dec5a0cba9537052173862ad

SHA512
6123257241cea6cf622dc47cb01be9b1623d5b62dcc7243f8d678ff0939218dadeffa47e7ba0ad3b3e5c858611735bdf6833a3068a4c3a80c291c44183f15b08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
529a0ad2f85dff6370e98e206ecb6ef9

SHA1
7a4ff97f02962afeca94f1815168f41ba54b0691

SHA256
31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

SHA512
d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir5728_1145268008\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
206fd9669027c437a36fbf7d73657db7

SHA1
8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

SHA256
0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

SHA512
2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
8bfc3627da5d9bd3ac5420e6fe37b28d

SHA1
ea54d152aaeddb80b4b246bdbd8690363b33f84e

SHA256
0dd2c4ea7cce1d34f0323df6399cf70f7c441f021f6845146647d8433f3a1451

SHA512
e9fcb42962f15b560fc4c1016b9aaf233b617826f24d947af8980408b3035ccf7d1d9cda6c7523f5fb600fae8dff33715b6ed0bde8cf1a1582cc36c887f88121

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
fbc03957c1e4e9eee68cae3b9d09582f

SHA1
17c126c3df9a43a4ecd82273d3220ea067f76751

SHA256
31e6ae3fa3ce9f09740e8442bf09e60b6f781297db684ba95c9d56c0ef6d496a

SHA512
3d74b6ae7220c9731b8383cf52eea4f11feea330b79395e472ffe27f58fc3c91996d4b8c6cc954ac15260b873b425efbad8559a4b08d835b9b5f108d5c1393fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
70de488e337fefe4c84ee9033f19c0a4

SHA1
16f460a0d2c4e5840f4092f708cc7a400f870922

SHA256
7cf9dd387a4423c537cd70f846f0fa4c34c3ed6f73d6c8ac847f8722a023faec

SHA512
bfb15d3316764342ee234c0873acdd9a749fcfae0585313feb07649b64fd3094301f240d8b1d006ace2e32b072cff2c9a6e8126520c29d53a796b4085a9ab8f0

Download Submit