hxxp://steamcommunmutly[.]com/gift/activation=Dor5Fhnm10w

Analysis

max time kernel
149s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
15-12-2024 20:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://steamcommunmutly.com/gift/activation=Dor5Fhnm10w

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133787689642533640"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe
Token: SeShutdownPrivilege	4068	chrome.exe
Token: SeCreatePagefilePrivilege	4068	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe
4068	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4068 wrote to memory of 4232	4068	chrome.exe	78
PID 4068 wrote to memory of 4232	4068	chrome.exe	78
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 3888	4068	chrome.exe	79
PID 4068 wrote to memory of 4576	4068	chrome.exe	80
PID 4068 wrote to memory of 4576	4068	chrome.exe	80
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81
PID 4068 wrote to memory of 3324	4068	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://steamcommunmutly.com/gift/activation=Dor5Fhnm10w
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe0e07cc40,0x7ffe0e07cc4c,0x7ffe0e07cc58
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2192,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:2
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1820,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1916,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2328 /prefetch:8
  2⤵
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3000,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3028 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3012,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3052 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4104,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4420 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3436,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:8
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4820,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4924,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4768,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3100 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4256,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5064 /prefetch:8
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4428,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4500 /prefetch:8
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5056,i,2736938135965214057,9530301927580346456,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:1
  2⤵
  PID:5044

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4912

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2892

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
606026d2bc4ab8d7cad3df49319f061e

SHA1
abc5e05353a736228b69e40e39bf809c87770066

SHA256
ec6bbf8e85bfb94dbda26243f40af505916d30c1c638112c78e75e0c2464a6a3

SHA512
f1e1501242ddb5fc1a0bc5ba1b20d64a06468cd1f2558cee708e4af2d26815529bc9e753718c74db43f4b3db47367e41dbd23bf62dcd3608a28ea63db36cfd47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
5f1838a848afeab0e9f0f11b41f71537

SHA1
9ab7957f4c44bd7ca1c1f5100495d868b4dc5a8a

SHA256
8cdddc20e7f588f0508d68fb4adaa645d7667d01e8b791f8bb61292afb8bbce5

SHA512
17483d01fa7878ee19b4702500dc3e2da854b25b89a9839ab9e8c22d75af4cd20924b33cb003b1cf005e3b42645fc89124793735a611ab41a2e24099bb0440b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
c16fd15530ea8a53c0f13b4904c7b394

SHA1
5695d2b5556d232e9aa17d3ab8e3b68cb9e0d9fe

SHA256
1dae9c3675b160090cef82050245af2193792deea44a84e9dcb257bbdcfd7ae0

SHA512
2efb24a59f54a28c11f5cb8b0051dada6c6fe1a804ec9d2482e7620b8f8407297b230542f2b12e91c567414ed4a0151e60738164c40840d172a70a90742dabab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
22b763cdd208bbfd027310ca47317cea

SHA1
6066edf74833770df82ffc54d8156810d9cd139d

SHA256
e205c04c1926ca34ac307cd3f939db5169a2a17cb92b82e5f2424210d689e2c4

SHA512
489a43260fde9a615401f549cf93207239eac4073b0f6e503b7d42609d7630d57cb3fe9d16f1abc7f73a254ae2ddd28c50a81888d6ceca4cee0bd2f88449aab7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
8e8078bb8147cdee5f12cae3ee3f4d55

SHA1
c346e9b8f611711b8fd625b6b2b9d2b5ff39eef4

SHA256
4350e6d071a15586f6909b27780b3f3be4867e1e99d034fa23bd8315e0835d34

SHA512
8bd542fbc3a4f29e71fa015648d795b2dd784c18230cf95842b44c04e261cb8934abb4e91dbf730f9e4e9bae6972e9d83d98676f7d4d553130b81bf384e0b298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1aeda085011e2b4bed9a8f4c76159f04

SHA1
ff99166014ce9679b84e312f6433e709f96d302c

SHA256
16e049f73b6e389199e7ec7c773eb2c0116794dab13854e7af4d2f54230efb6d

SHA512
fb77ecd384825e7a188090860e376ab363106ab29c37601de76247d5f97797f39845c091577488daa1390fda46d4db8086a201caaeace5e24205887f403d92f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
59ac0ecb67932198428e626da03fc23e

SHA1
b567fe4ec855999a43410ccbda477f5b8fbd7031

SHA256
14e0de986613ffc30fcce517cd70514feede2bd5e84910e6c781b473c7f65b15

SHA512
8e2f542686a7a2ae75a657fa7f793a81fa5598f46388d94651c4a4a587998a1deb0efbc25dfeb6f3583488e246ffdc4d5bf2ea5be1efb4891a35501be3a444d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7f87815dddb536363d8af86ba868e062

SHA1
0838abc18ba778b1f275b7e5d6061215b3162b55

SHA256
f249672ee453d1d815c801d54a28e42d5aa3768859c4acb524f164e30504c817

SHA512
ddf4ce61467c02460064ece1d7c00b353460cf604c6e12ff649af3b842a02258fe7f7be92d6682b9fc969073bfb37235014f078984b49b51fea5d4b074db8a9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
baafcbec6caca1b73a433bc491ea1a59

SHA1
0cfb68d16fdb58c95a22619519be8f56fc5de0df

SHA256
5e49f406a56d6e9dd423b782aae5592b538ca42895be6d0f2f22130be1496fe6

SHA512
5f559c25ebb167d42ee641ced338ee39015ee43bfadf6934a384e3e5754ab0b2bece69d7c2ed5e1176be0d2333327ca2a156c0d88da9bf866e15fcbe1a0d0e1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a67a616966c9e37caa30c76ed2622a25

SHA1
3fe1f2a8634268f0e074c3bbf95e9cc8b676a41c

SHA256
853b2e40091d4d9ae8b8a7439bb2bebf06d9abfb86e0fc43b13c4d1bed7458a5

SHA512
908151397587f9e9290cec7a169dab3d39a1a29000cd3ebdd791510d4626c1d2c0cad5fd8efb5457fd007b52233edae55a73c5d1836fcfb47afbd2fe3f65712d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dba7c079aee6220a9da2d6cea124f483

SHA1
a8ed6182769ccc178d8d3e946cbad2ca45ce3fe5

SHA256
a9044bbdd78f1f0393d898e5e0b69cc30ddca286006cb84ddccaa790fa6c7c94

SHA512
38f67958a23a68e774ad5ecd7b4ad368063a8d7a082b3f7b81c1a529394998e207b0c99542eee256e18568f2d899c22a18b1d2b3813e9747fd2f85c3027e5525

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
981db558af15e5a432fc1792b6d63843

SHA1
ac8a6b1e5d99142f4e6f3feea46d3bb9da9ef441

SHA256
7cb2e40d24ccfbbbe892e83c1d8ac2ad37fb0463b7dd37d8f48fb43f627b2d93

SHA512
956a537e2eb8117be95d86c7c5ebe99b8d6c693c6406743bc06fe23f855be5f3ae0cf3ec086a8d3576fd7f739c98ab6105d329f701e712e612a78f2173e7befc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ddb13ca4f2097a13b9a7be081d067c1a

SHA1
a51a0afe44a79c45e3cfac21a5e3e7c272f150a6

SHA256
9decf6081ba34669a48f1dee05af2b71a4543d526f3a5ff6b326acbb85d050b5

SHA512
d9f71c4e2b972c5fdad28b63b0f2c14d1359e5dad1817b69c14283bf317e324dbb44c50d07517254a8c3a0deac095938acdcae46a4810aa7a0dff41b00721419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b9078b2144fb7349e52b8798772a8523

SHA1
c7d5da5261752212d4d104d5230f6986ddb19581

SHA256
41f7b9aa89ff95e6a26e3d4d7fe36aa5dd2a8a95cea905c33586a7f0cf4018cf

SHA512
35b2d57d6b4000bb9a1e02285202ce6539e50be2cc1371e5360853d1fd7714114d0e8b31f56b31de2e4c49558573cae71182a3f4b7803003f58439c8262efc9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fcdcfa50fb5a935360b54d1b5986a904

SHA1
3297e402bb63f2510ccbb94c2793e1dfcc6ba8cc

SHA256
b63a6719c7943441f8102a0e9c433cb8a0952ee11de6df947bf30886580e0eb3

SHA512
f6f0bda734e944718c284387879d6799ddc6c8871809a79f2b538ccc2b29a8ddd2720f112d656b936d65aeb21b39b0fbb02a078790e7c13a8d5aab9bb8981d95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
66e55650e6b3aa9280369ab86c2364c9

SHA1
fd03c5435f02e471348eb6e01b2ad75c2a045be3

SHA256
49d44e7042bab502ffd82b1b628a4909993347a100f72f65551d53fafdac374c

SHA512
12fb97fdc869d5b6d1006a8b530b02dad042d2a93300578dbcf540e1c1f3d57e746fd316dd64166c76ebf508adf976c7faab8a0af17537f2118502f443f4aca7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
433abee0104464c6e4ffdf012a3127f2

SHA1
82990ef4dfefc240bb9b53015e243b76f3b8a662

SHA256
c6077e7308321709bceaf8c627a3039449e73a4c3c0371bcfb139a1e93f40ceb

SHA512
098650810bdcf297dd0298fdbb605b53097400029e57d52f4c419ed5cf7b66b992beb3bca65ccb51051c489f733848969499dbe93845f909a33f5175fce03255

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0cf17e04461b8258e76674a40fd3363e

SHA1
32df9e42d37c8ecf137274c5d05c278aacc591c4

SHA256
b7e04f2345c8e79f9b4a9e68498e6cb39f930b59aa0105ae2240232db1969bb2

SHA512
a6b90ed8c7df901d74b6f1feabd79f3aea41f27fb49de98bc13b6184cbc2a7b07ec7b138c034083176cd753db9cd3f3a7099c621b3dea4af78330b2bba223be1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
78ca59deb1d82303f1a69bcafc908ad3

SHA1
08d1fb080843bc11bd48d068ee4bb5d9d1859d19

SHA256
060dd53d0b9b6d5220e14b3279bb37d0f0cf3eabefbc1a4ce2c6455a94f4d424

SHA512
ff2827e91e506be6f8466908c2981af663357800c56500a4ea104cfb767f2c3fb4ad9448e99f5096cb94fa66b7a116dc97086f63d826d4611a8a853ba1c50325

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a4bda1163a97580df65775b1d82076ab

SHA1
1671d7f6ff87382e5db7527e9886594e9d448106

SHA256
dd5e95a721218d419f8f2d5c4715d03a925263811986eb6ac525df2ecb91c96f

SHA512
f61bbed1a65d8e35855646f9712a7ea436334fdbd08b254f80571d1bab38d53f8b7a98fc3a3847a2d9137a7d7d484f58f26703463ca5d24b5fc2cfcbe4b86a6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f366f244-776e-473c-96a6-5662a5cf2d12.tmp

Filesize
10KB

MD5
e0bff0376fba46185dbbae3c402b6895

SHA1
763444856bdbb421fa94771683333a1a30576816

SHA256
6fb406073d8bd4bf168cba64e43b1190dcf9fda917b2239e6ed68e85b20534f6

SHA512
ee43b2dd42391c4b6d4bcd8ad27babfd4a8d5b76a3bc59056762dec8dd68817ac78eef416ae8585dd11978e43aec176bab5f705bd9b5a79b76bba85adf0d5663

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
0498f8227cefec5ff8f1d04796396c1d

SHA1
db71148233f4bf9790a9c5993e7f4b6257b216ab

SHA256
07e99d1477df6c80becbd7ac693ea4bce51a5345e73110b2c2ae1ef5ded9211a

SHA512
67a191d1471a212b9f80493c73860488b400faeefc087ad2371292104d70714b973c64f9445a6e7cc232adaf1b47a52a8c37d9e5bc6733d17c7f43244f776ca9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
5619a201b6752853f715ee62f6fc4d39

SHA1
e04e58b19c8b6aaa61c0bdeae5808bd99d98006f

SHA256
07ddfd4bd69ecb34f2221f9c407b8517199899e2c88843cf3301ecdb6faad523

SHA512
b276b2acfc538349a20db27865575a7043fabb1348a18c0ebd570fa6374e47360b63e570199ea02a29f6ff8c76141da3bb30202a681e618b68a3a715b202eec8

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit