hxxps://mega[.]nz/file/uKgzWJ6Q#ay0oXKJ4rU6Eg8FH2YwB9U44U87ES6OzcCSt95_Qu0M

Analysis

max time kernel
260s
max time network
245s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
16-12-2024 18:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mega.nz/file/uKgzWJ6Q#ay0oXKJ4rU6Eg8FH2YwB9U44U87ES6OzcCSt95_Qu0M

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133788488261317982"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2896	chrome.exe
2896	chrome.exe
4324	chrome.exe
4324	chrome.exe
4324	chrome.exe
4324	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2896	chrome.exe
2896	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe
Token: SeShutdownPrivilege	2896	chrome.exe
Token: SeCreatePagefilePrivilege	2896	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe
2896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2896 wrote to memory of 4868	2896	chrome.exe	77
PID 2896 wrote to memory of 4868	2896	chrome.exe	77
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 4524	2896	chrome.exe	78
PID 2896 wrote to memory of 1380	2896	chrome.exe	79
PID 2896 wrote to memory of 1380	2896	chrome.exe	79
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80
PID 2896 wrote to memory of 1660	2896	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://mega.nz/file/uKgzWJ6Q#ay0oXKJ4rU6Eg8FH2YwB9U44U87ES6OzcCSt95_Qu0M
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82fa6cc40,0x7ff82fa6cc4c,0x7ff82fa6cc58
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1760 /prefetch:2
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1660,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:3
  2⤵
  PID:1380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2160,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2344 /prefetch:8
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4540,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4564 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4992,i,2631418552682436630,6888129556035136681,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4324

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1232

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
4e4ee316905a153c91b21d168ed6dc95

SHA1
b47a8309651ee8c5f1e5fb1a8d374f588c60356c

SHA256
8d334bb45c9e80e9165dfd439d7394c3d5d5c43bdd938efc47c8123be578aee3

SHA512
568adc7b1cd2b81b9af7b86620751dcb5d72b638647b6864c65c77711a8cbfb574c8775974961a14bd5d5c0835f41da9209a3b2ecf4cf4fcbacc6d5fd222acf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8352d687de88ecb76f3a58a703b6ddbb

SHA1
21ce87469a14cd522b3f6fe587970e954c3650d5

SHA256
bfd41a8b6e8fb4e1754e66e52b18f16affd9636a79c4706e4ad18838aa499d83

SHA512
12e37e160070b48afd100e2b744e738b8df40c26075d164eaa8d33de1b18b78926a25884262cb2e49c894731616a67691c3e40daec0bc1fd3be6a1ab4ba8fb3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8da666e4d00ab455795e79e8d7474fbc

SHA1
3156fa7d16cb0cf4d6a247f79d67f1821f1b5a14

SHA256
4524a4d9762a6517e731b4d555f1bbaff8d99b95053dd9f3818765b709609146

SHA512
3f2724d03aa712871040bbde0ee8da11d68dfb7f1a0a13c428b30335f42b67f04efa7de557bf90a079169e533e8bb4737440549a865a302056f5a77695d13857

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
0b7592fc13172c005748b03d1f14d0f4

SHA1
3d6f3810e501d15514e7a59482e4b68ef4362b14

SHA256
8859b2bd44ba16637253adfe27edc34a84a55cc514fcb39ed61772626128aa0f

SHA512
f1f9f1f5e8980f8a2a117a59cbda9592116623f2458e42be05793a679b65a14af2ef8f31da36602aecb864aa155f3a6d5b505495dd9496c1e024b7e280056905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
32ea34ee4ff0fbc01bb882168155245c

SHA1
e4234c65742e0ef62fa33775b0bb71333c5ff1e9

SHA256
5c8cd0103fb273d5ba2957cdb2ac027b40f57e45bf14567dbf6a46b7aa44f7a6

SHA512
a71f4872bf7c2d08e0a1f8d4d04b9dc101970ee7af0f3dbae727ce6d7c2506b5f4d95bd6c272220bcb39067132bc73ad2c3bac783efaa9356f0fa5cbd8e4925e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
66af1a2ddfc18dbe5713ed799668ccf0

SHA1
fe0b3b801769d4ff489020801bced23c88ab0982

SHA256
8b58ed40d18c4354e3594ea43b8d3a1babd3f39a4667564bcf6f3a47e19d9e6a

SHA512
3846d47f9d27998441d89ba9311bfc0414d97a0035c181289e86638e1a155e0684478879a2585521e5ae2618e398ff5ebba7878bdb3e5d3926faa579bf7b1afc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c6ebce7b58cbe7f3e91110287f549e49

SHA1
e3b91c1e880faa33ddf1c14719137f10178b3431

SHA256
3100e2e372ece17b461ff985286c520ef3a922cc26ea838f3852c4082cb15440

SHA512
59b5223324e178784b9c81443b3e1124e20ba059c0141e4b9b127b5a399c13f7d22803f1b415acbcff3faf604caa4b288eff98ad521fe26b2a3d0a0324fa8d43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
98db6ac5c9f41fdf8e77f99aa9f2628e

SHA1
f9fb472132e4eb242b4dc7dd69f17c78c57d17ae

SHA256
f706effdc87d2633693ca24194bf641402f3183d0c52418a9bee5b3930c57b52

SHA512
c1728496d7ce24561072b61f51e54c549fec8925228ce69a8f9db58101e32e9feab94e26570f683c54659011da50f622a64b88bb7ad26ebdd4a942bf48df2829

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
27989623ba8edd343e52b5f5976f9a9c

SHA1
a569203a5a62846f2f4cb91bf1b04b1049a42d30

SHA256
1943cea88fbebce64c93603ef1cd6c54df259639a06d90e227ac77cf54fb9703

SHA512
75641d6251a9777370c15960c091ac39b363fad148cefaf6bbdebb408eab5c5fcbed166e036c4a27cef1a61d8f23edb225e836fc15c43d666cf97531bc7558b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
538a964f1c00e8c60ae80b65b7aaea54

SHA1
ac57baf99436cd268b9a6ada2d5cfb7093278f2e

SHA256
8396095d0425cab3a3d1c8756053786825cbf409e908fe1216bcb4f31062f799

SHA512
d69e8bacfb847fb233c7d3e7904f98b1485c9e1aadeeee0f319ff0e45d4897497e749d4800b05818df450819a651e3ad86ec33b2a72ee044bc5ad26bbd03f9d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
10a515cbfd77f7471c79101c551d05dd

SHA1
ed2f7b80c2400f77c6de8883a0342b8b0a868a2f

SHA256
ed8b01085f4199e1b48d77f348c3b731945a96ba9412d3868b28f54092577aa9

SHA512
9ab6710d27b9ebb4ddb5052d5a01288b4ccea63f6c300bf3b645261962f7ab57a1c0be18fb86b177c0a2819ae0dfc8589a8e79c1891777da90345ad7c3e423b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7070e290b6cd1290be8772ab860045cc

SHA1
2b4d5e99050506714412c7a0d0c32d79b580bc2c

SHA256
297cf856b8ea993d52d51a9bd24da320fdfc0b7435e720aa023c4431306bdb0d

SHA512
18477a43578462f4ab519934d01f3455c5355917480701915857b440786a652e299b90ff176253f0eb4be602e84aa8551a28912f3ffb3868df9e2ffb6bb62e9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a4355a27d7160a708906a2d39e72891d

SHA1
c92aabc7e77fc7aa9722b3376e530d425774816e

SHA256
a5fc02b1b318573ace39747d925ec66addba4f1187f4d131bd9980daf45b87c0

SHA512
3b6f2274424016cb9525224b59150e9a7636190f37830d3c81ec075cb151ba55097072e00529a380f01f1540ec2d92b8e973ad86192483f96b1946cc9c93ac1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
8d7bdae696e95ea9b70d8eec97e437ff

SHA1
95e6a52872274ebacac088e29de8f5a650af7f3d

SHA256
53cd7c5f4f07f1613b7fa8a4e1c7b6ea1549152944f320c211a6028725aa0086

SHA512
d90af4f335a8125e3f6be7d3bc363dcf8b9916fe070b97ccd7f888262626b6fa3883a8d95ed13f8a06fec534eac67471c9fe167d44a56f0ebb85c71749691ad2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
e21d24fe256c048a50bdede1b423427a

SHA1
f792b16a1e227747df4bcb190cf60cac6fef36e5

SHA256
b3dffbe6a388fc2f9fb91c2174bc7a0b5c77bee583df3e7b27e6780f4b2d698b

SHA512
a6a364487778793f0e2f9c1367f761a570d2833a3126a8e923f2fd0acf5b18de0e333738f08e124800b33fce3e2c3fcdaac376889caa9c067f9bbf269309c418

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
b44cc2dce12aefaae015adf770e8d4db

SHA1
e835938d67adc437c95718a632476e4666b64805

SHA256
bc73eddfa7959d1a0a08cfb944d13c93022cf1946581e7871d240c9d37cd6eb6

SHA512
7ac6184914a880254a69dc822f827facde643657b72488e58a35272141dd1cda83eabad43407de36e2ae13cbf04871b9706e405f8d7d9775abf35cb51f209130

Download Submit