hxxps://steeamcommnity[.]com/utre84/nuber/tres

Resubmissions

17-12-2024 02:49

241217-daz3gsyqhr 10

16-12-2024 20:37

241216-zd9lzszley 10

16-12-2024 19:43

241216-ye7ncaynas 10

Analysis

max time kernel
104s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16-12-2024 19:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steeamcommnity.com/utre84/nuber/tres

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133788517939491222"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
4948	chrome.exe
4948	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe
Token: SeShutdownPrivilege	4948	chrome.exe
Token: SeCreatePagefilePrivilege	4948	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe
4948	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4948 wrote to memory of 1068	4948	chrome.exe	83
PID 4948 wrote to memory of 1068	4948	chrome.exe	83
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 5064	4948	chrome.exe	84
PID 4948 wrote to memory of 3400	4948	chrome.exe	85
PID 4948 wrote to memory of 3400	4948	chrome.exe	85
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86
PID 4948 wrote to memory of 2776	4948	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steeamcommnity.com/utre84/nuber/tres
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd5e5acc40,0x7ffd5e5acc4c,0x7ffd5e5acc58
  2⤵
  PID:1068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1928,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1964,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:3
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2408 /prefetch:8
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4504,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3856 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3380,i,11642285938561863516,8714951089599501659,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  PID:1752

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5056

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4372

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e7cffe4c41ba067e608476ea05b1ff64

SHA1
b75d9ae38ee1d5a23fc432995ba0e6e74dff93e9

SHA256
21f1a1713f55521d560f1bd81633effac30a9957a7ad28847bbf8c5ce82b3dd2

SHA512
8a9e6809e9877aa77129771df1be481cce3392bdefdc6bb97d2aaea03bdc1b17839d37516be91a877369d78ce3db382f07c8d2fec7bb180a55a8a0898b1212b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
937f2bebfa36f43171c4047d822cf42b

SHA1
b33c8217d26d550eb10da76a21696ff7d129fb20

SHA256
1c9a740018761026b7a8cca62adbc8176a0265547ffb950d7835d7459f51bf72

SHA512
a337e56098da7068c7790525a7a98fe0136a734c739ac32402bceb2b88ebef56f010cae489c3e919d26680752d9bb9b6b3fa7b96d6d6ef2a2fedcf43afd5b258

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
53bc3851916792c498c287ccc1fda347

SHA1
b2a98b835c8d93fed312d6a38f7403e638711927

SHA256
e534ede2f7383a0f427aeebad656194e1caa956e89117eca03e5b1a10e939e9d

SHA512
f8a5deae95cc876b85fb1e2f9cca91632bf8f0d1f1e6c0bc007f1fe6bf3614d5f3cfc039110d007eedbc8d195515149f7408c340cee3934371416dd57022c10c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\826d0973-07a1-4855-b84d-dea8cb84fae8.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
50bc1b5dbe2199b5c6571d6a6e1242ca

SHA1
68125c9c00cb742f5e521ec25eb5cd0d94cbeee3

SHA256
0be4cb69e1a9ac5909779830316af7b1fcdf60759e4ae02542700a0307e08606

SHA512
c63f00ad4f953d7184168de4b39431cea64e58ba9cfc4e36455426a78f393dadf9843d83108f222b1814d206268681909a952dcc47a148e3fdb5e41390e3fe12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b820c93eb9bef451750261da624220e5

SHA1
ed310479cf3179f07c5953b656e726c5ea564704

SHA256
748cf61930f62bbe2f6058a88e8e059c2dcd342ed62dbb1b6b27f169b171433c

SHA512
4cb7253d8299863fc293f6e7e2e3ea200d00576e0c6a41fe907dafdc00d6ae491b9a89e06764e830f0bef80306f89463a1a611d21219e7e2195e77c7de1758fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3361ae0d5feaba5e653d68500700fde8

SHA1
2abd2652f00ff06f995b12343eef77d1bda79b4c

SHA256
032c5d03b5dd9fff91fa7d065ea5688c15d56a7a820031e116b07849416c22a8

SHA512
23e4e5a807ccdcf43d85cbc1775e920d3475748f919f7a94e76af5cdeab4285c8c8a1bce6503ad8f3fb1b1566ce2bcb42751b554d353b992d1c19e9f8178a53c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ca8e3d086aa04612fcec412277366289

SHA1
8c4cb1835a8dda478cc0c37b207c42861bb16b41

SHA256
5a4876db07715537fbefcf99c040535700fbac7f81822cb6c3a0c322813e81b6

SHA512
b56efe668ccbeca40c22b4faeceea3b7af9c357db522f2f3c2bcc6c9941c811d40602d627f67c5a7bbee4c8530a55288afce9d955952b529813cf4203ba2b1e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c3f2b4ab24be79d6fbc934d369fab6e7

SHA1
7314748e55785856efead86bae844c28f664d78b

SHA256
44b46fc602583d28ab13e48edc4947425889b5a64de427237ad383ba0dac7528

SHA512
314598c1951d6f9a49067cadb9f4891d7da3e2a15c9375bca05575b9ecbc27fc7b881aab7a0bcfcd8c28808da7b80b6a44aa5cf666e95f3a2069ef3c9294456e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e68e5a5c9c56870b8766d3b9ae66876b

SHA1
471570bbf612e1b2b32c733999ff2d1937352539

SHA256
dbdc6ceee8f2e20c1314011dca91f613be1b7e56cec55c1f18a9474e0e28e927

SHA512
95556119241eba78280d7776730d0da8fac564d0d5b2d3767628a458da871230fc55470ef59d6afbeab14971b3d491a14c5ee5023aa1f9ac8f62662dd5919897

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
b2ac4cf9153799051b79468191dd5067

SHA1
04af888753fd98cd67ba84712569f077a74879b4

SHA256
7991eb5f8c4f05d64c9eac135664955347897cf62bfcb6c00076fa293583a1f6

SHA512
0eea686662c0da309169dde33a1f9476aee66b8318abee1dfd06a1a94149a3994886361982925f85a2ce5ad6312cc51186abe01d89921e800f993cb3da651377

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f57c1afdc7837ade906f25889f2c2650

SHA1
a9ef989eb937483cbae20bd0c9ebb3a273bb9dda

SHA256
1a6fb35a4e1b5be9563fcc39350f9e95a917e2b09fe9ed8e23b749416f4c16d9

SHA512
98f48fa9ae45ba9ae45d9f4473efa6ddc6336dffda43be279449d0e88f71cf18c26af3bd281f1384721356ec62bcf9733a7776376ee496a03762c4cebe7ca13e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f0eb7fbc12cc9389aa245be449389b73

SHA1
600328f34b1a2266e2d2f65cd269be7b2a0c1411

SHA256
ef01286553df3a474c6f5d8df972944a0ac17ad516680ca7f7b201fa68201c54

SHA512
1a982c39f32ec40e41b878ab4ef65784db0301db5208a97086d3db830a484659450dd1a809dbe1b0f9cd6a3f62dd9c0d5b5c388917270ceb4435609f8088ed3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f9baedb6c98228085fab77d88faff4eb

SHA1
383abd9788ad1f3ef97d0d14d102a7ca1abeca7f

SHA256
5957b77dd1edb0e9a4d0760c868a3e63a6221bf53285e330a866b248350d5172

SHA512
d9f1528c524abe12989aa85a12a08891246cf8be755fec6141ad44ba3be7255f45517a2ddf0a3a99d559406068f2a23a86395a7b0e38eb16cab7104802a62660

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
77be3640d7a770eea93fba82e2e4ef50

SHA1
2ef5dd1327a64d920bf6b506c5ef0ba348042400

SHA256
119779f30f5d31474c76bfb9ccbb978ad1163072f6f47d890ad602e90374c830

SHA512
69638ae2d26ebcae6a064e215f50f7d507135aff035e5f97fbe1a2922a65a74064e95525030aa203e0866d9f120e21f12d29ca1fab38213e164dd3c4375e997f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
cea137fab424dbbd55d95218c63b9546

SHA1
1129c6e4124998709b2d9f271595ba1715969c09

SHA256
5d84502732b30fe1ad1742d08f34cfc0ee3ed43f37c1e0323c4a082a37e4de0e

SHA512
4a5d85b94996d880926b45360e90c1106b9f55d851396379e1db98a4f74cd6ae60b6c0c86be730d9078777662c3c4dd469fc64a443e09e73c509a68589265793

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f03ba5c3a6941364304b163b319ab356

SHA1
ec52d353fa90f0dbb1e340477874682c2cac59cd

SHA256
330ee78d3f615704c08f8c812fef44bce4eb59ebbafb05b02f7fa91c801ff0d6

SHA512
30360482e2291808506cc66e71f3fd3bdb8f922d87199f5a037d004fd2abbde5a57866c761a7ae86f57b0fdebb2e1f7eed2276750aebf3e35cd97815c7c5a216

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a39ddc162e4fe2c97532766a7595f51b

SHA1
ed4218886a305bafcfd9d0f604781d8b9d9a7060

SHA256
9cc677ae11327908eff8224ac822cef5c5e5feecb05da6197dee9e77526bda76

SHA512
c27ea7b00f59982ba2da646652837bf272b54e147e7181659e56043c96d9eb5e01226b35c57d672d54490af4d8b40e748bff108c84cc1516bc07ffaa9e24e6c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
f7723970ed0ad42ddedaf2f4e71cef55

SHA1
e7e730f68c3527af7bd3c9d3544d2e4ddebba0a1

SHA256
3b0984fddf561e5feee8dc44b1df2c69643c5bb1262c4de9ec987cfb1d1760e4

SHA512
b413dde78e3588df8b2599103a2ad5b343ae263dc6dfc94303683e1ca992779224ffef6e5cdd31505b08c33bd98ca7bef764cccce12a51ce9c3d9267df0dbafa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
f4b2784ccfe60d9d5f8f600b1af27fdd

SHA1
5fa503b3d2dcea00702f95c648340bd0f0207e17

SHA256
65847e4d871d251737456baafeacd5c1871b55c352f62bc6a6248e58081bedd0

SHA512
ca930cffe3c1d24c3a27f8121238db045b843cdf9c7595d5f57e90e186e00a781958c73fdf437f33774eba4d285b7500585ecbf4c87a929fc2c20600a1c00a72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
409c61a4b387d5a0e329befa29525559

SHA1
b34ce1fc530d2d4a5b8d543ee0f087a61fd4d1b5

SHA256
6f96dfd94a656b21609905bbce9594a6f2e10ebb9eabbecfbdff45b1525a23ec

SHA512
254f48849e941c36d61aa9208a928a17551ad2e280c20d8f8e11540b53d28c9bae1b5c078ef9d0c89fc5fb7269711494d71496112ef20c7ac48eda7537aee490

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit