Analysis Overview
Threat Level: Known bad
The file https://u.to/i1YTIQ was found to be: Known bad.
Malicious Activity Summary
A potential corporate email address has been identified in the URL: [email protected]
Drops file in Windows directory
Browser Information Discovery
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-12-19 18:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-12-19 18:25
Reported: 2024-12-19 18:30
Platform: win11-20241007-en
Max time kernel: 299s
Max time network: 290s
Command Line
Signatures
A potential corporate email address has been identified in the URL: [email protected]
Drops file in Windows directory
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133791063581844236" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://u.to/i1YTIQ
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff977acc40,0x7fff977acc4c,0x7fff977acc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1844 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1744,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2132 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2200,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2368 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3148 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4380,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3768 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4612,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3364 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4728,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3364,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4936,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3356 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4976,i,2866439967813409954,2187815321583582477,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3232 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 8.8.8.8:53 | u.to | udp |
| RU | 195.216.243.155:443 | u.to | tcp |
| US | 8.8.8.8:53 | 202.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.243.216.195.in-addr.arpa | udp |
| US | 172.67.160.215:443 | steamcomumniity.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 172.67.160.215:443 | steamcomumniity.com | udp |
| US | 104.17.25.14:443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| US | 172.64.145.151:443 | cdn.cloudflare.steamstatic.com | tcp |
| GB | 88.221.134.202:443 | cdn.akamai.steamstatic.com | tcp |
| US | 8.8.8.8:53 | 202.134.221.88.in-addr.arpa | udp |
| US | 199.232.196.193:443 | i.imgur.com | tcp |
| GB | 95.100.245.51:443 | store.steampowered.com | tcp |
| GB | 23.214.143.155:443 | steamcommunity.com | tcp |
| US | 151.101.193.229:443 | cdn.jsdelivr.net | tcp |
| US | 104.21.72.124:443 | fonts.cdnfonts.com | tcp |
| US | 104.21.72.124:443 | fonts.cdnfonts.com | udp |
| GB | 88.221.134.216:443 | community.akamai.steamstatic.com | tcp |
| N/A | 127.0.0.1:9229 | | tcp |
Files