hxxps://u[.]to/aBUXIQ

Analysis

max time kernel
149s
max time network
148s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
23-12-2024 19:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://u.to/aBUXIQ

Score

7^/10

steam discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
A potential corporate email address has been identified in the URL: [email protected]
phishing
Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133794566145128053"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
240	chrome.exe
240	chrome.exe
240	chrome.exe
240	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe
Token: SeShutdownPrivilege	2068	chrome.exe
Token: SeCreatePagefilePrivilege	2068	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe
2068	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2068 wrote to memory of 3908	2068	chrome.exe	77
PID 2068 wrote to memory of 3908	2068	chrome.exe	77
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 3540	2068	chrome.exe	78
PID 2068 wrote to memory of 744	2068	chrome.exe	79
PID 2068 wrote to memory of 744	2068	chrome.exe	79
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80
PID 2068 wrote to memory of 2804	2068	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://u.to/aBUXIQ
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffda74ecc40,0x7ffda74ecc4c,0x7ffda74ecc58
  2⤵
  PID:3908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1800 /prefetch:2
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2016,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2116 /prefetch:3
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2156,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2172 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3048,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3052,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4376 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4524,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4532 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4832,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4844,i,14994835989520479865,8920645531363962395,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:240

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2620

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2176

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\93a2fd46-930d-40ef-8269-28e46b412b5d.tmp

Filesize
9KB

MD5
32869aad00c579c084bbeb75d64ed02b

SHA1
ab3655dc0151a0f6b4883b1a46a7e22d4c979f55

SHA256
9ef2e28305f51e6fa809be7e0c106d907b6ee0fa4f3d0ec3f66c5dfa441aed6b

SHA512
73d81d837b6b6d0be506f2f75237e49df1989ca178ea8925db3319cde995e44b64bd5f2650594bfcc734b8b83231a26999db8dbd33b32236e8b777b76a5c80bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
76a9c95a0b50f6b87e01a32b56c4f908

SHA1
76bc7ca2e23b5b1d173d287ba9a796e06f7bd7e7

SHA256
e3277546c191fcb1d0aad7868551777096c1ff91142e670dca2eb5af8b7a40ad

SHA512
87a01de6062e5ece72758310aebda56daa62ad3fe82534bd1588091019636e484cdab28ac484506fe90f5721f06e553f52e0590f3bd76e573427cc1a6ea34a75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008e

Filesize
37KB

MD5
231913fdebabcbe65f4b0052372bde56

SHA1
553909d080e4f210b64dc73292f3a111d5a0781f

SHA256
9f890a9debcdfccc339149a7943be9aff9e4c9203c2fa37d5671a5b2c88503ad

SHA512
7b11b709968c5a52b9b60189fb534f5df56912417243820e9d1c00c97f4bd6d0835f2cdf574d0c36ecb32dbbf5fc397324df54f7fdf9e1b062b5dbda2c02e919

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
dab3d7912d6e2a55d36d7765983800d4

SHA1
3da342183640744dd79d061fd79e9971b36954d3

SHA256
c7611abcfacdb1986c3a73f17108bb70f63283aa5fbda47837d304461e62d192

SHA512
3ce6ceab6024c58751dd3d587421afd638e88e092f50367fbfd021697b0d9c8bd556a5f4cf30604b192b71d0d9f57d6f1143a8ee70ecb20261132e2f39c61e15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
65f6257beacd1529861366d10cb066fa

SHA1
167c56516435df9f205c95157a7fe3fa0bcb93c5

SHA256
a94645195de8e3a488034942b1e8629e096a841ed21364e54e69ef0cb5e702a5

SHA512
000ef0c8bca42f8d255ed9757895d7f723a0bf9d478e80c588873609516a14fb55300c79735543dcd52354654bab8e99427a8a298d29aa37bab756a4667fe9a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
73e0c5ef889e2028286caf71095c2fa6

SHA1
f3d32c3e1d51105616e82572ad34dc9be30f441f

SHA256
1b38e68d6c3d72ad8797e62e02741b445ecc548e7f70e24e6561b668860454eb

SHA512
209c5e52d4c1a42bdc06bae14b51c16da2e19c733c16c36b8643a143930330db53fbc753884be2ec54cf3ca826dba17faac27c66a35ea77960ae95dfdca39463

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f818906888f3e58384ec5dcf613ab5f2

SHA1
0bee6e48c7402b868d56ded7f2482770f4e26f38

SHA256
e8a5ed94c28b181b7de186c19c7763753f5e492d4a2dd32be770a442d1d065be

SHA512
b208853bf4b26e7e270b9f1c3123df779c44b17907d185c96f14cc86b7694d1cb611a964e811642bf9017eb6449540a397d3014a565250fdf0901e1add5466de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1c8af26edc4b6f383608ccc3cd7b38c7

SHA1
c4f601e957a12f13de7f602b9642a93c447cfa5f

SHA256
b99a3a2495d4faaa088c98d4c93065d6f0085fae8f6ab018ab529c934ce1a6aa

SHA512
24b2a215307de6bc1dbe5de96a73a3da5e61981849826c9219eee59f74c98fd74fe045fcf17380cb2b77fe6bc9f9d0d398d3861b6fe37f84c5bb9b27d9ad7da1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a3892c1c-3296-4b48-9e32-1556b9f778a4.tmp

Filesize
1KB

MD5
1279eccc1455004b4e905244e5d55705

SHA1
5d3606133e0b78916e1ec55e583abaa9ca0ebd12

SHA256
9dba488d07553402218c1cd121420322adbafaa41014ea1efa3f208066bf27e7

SHA512
f5c2813b96e21942c31d45a62b8e05841e41fbd6c16adf44b292692369fecaa0a89ffde538c3fd1593f8ba5cb7be6eb70be2c77b8ae1fd99f07abfd5d3f75651

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
109bfdf4c2f836cf0218bc4ba15968dd

SHA1
629b12f58ea1f78c0473bb239534f677a297ebc7

SHA256
2c9767af432bad500ce7f9ca7a2fb0e87e19eeb94f8fb741611316b2fe855f3e

SHA512
122cc0e36236f18bd8864e152592bb44cba39b524f616220fc169061cb5a69898d6382dc01568cf61fb0240c1b358e6be564ae70cde1029585756f9f1821e702

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
606c59beb4018d525cb3d50cfedc206c

SHA1
8efbd4b4580f6de716b6e819fa811adc174721e4

SHA256
7f28098160d551c5f9a99a3104344c3059bca0eaa8e2ecb080b79282e6e1e018

SHA512
53823bd8629599f5b616c57f002cd8fbd8a66e01ff8e7a092927dd3e40efadc796decc7671374d4484ce4ade1393ecb48978e5264cd90ae9dd471d1d1ccd88ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d78e57bdbbecf58a7f63768668dc9feb

SHA1
f584e56e592303c47b53c9d053c026cb4ad76e10

SHA256
d246a49d2ba950a5931d7f24cfa95f23f9b66b712c16e40f5750b096d7a0f2ac

SHA512
af7be84a245eebb3177570e23a398360d9a1d4b488239c4d6d33b00dd6e636e13c7c85ec733dabe4aca675c338d7e4135998b600f895b49f951d96c5fe0f6478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6519af05060b4cd86c7821e7ef816271

SHA1
3a4fdbfeb5f96f39b83b30ea15a7e50ae5e0edb6

SHA256
58fa1ea07b77d85e836ba851a507996bf6503d99439065dc4e7011b1619b3452

SHA512
9e622958b8ab56d63f0297b8aaa9580e33f055ebac90ddf793f56e3c80ca27de69dc9fc8446187ea8a64d3d5bb5da37fff2880dd7b925a9b2095b7c8b55a960a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2fd7939abf8c322b4015db0fbc1dc046

SHA1
b3b9cbc6d1c39f696ee6929b4c642e63a06c120c

SHA256
cd0284fb64a401e3b42bfa7a0552f22b5a2545722be68ee6107c80f5633d405c

SHA512
f7aeae3db16f3f3f102ab8406af67d9f459a4e804638dd7ea169689ff1431d32b2e882f90276f1628cd2a9ba2c19840a59da87c86376a704d85c6422fddb0874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ea09187dc70bbd9671b8ebec4fecf51a

SHA1
c5db6fb57e42c83ba6a5e99115150862b5dcbe52

SHA256
06b5396afe386865a5e238ed1d17a48c179dd52be4fdb7984f994b748883f82b

SHA512
bad713c2be95a3bd665349a7bb8a71b2990ef9906ef73aff93c8870cff418c014bf4784a7e2e1ecbc87c4c6d18711dda4c98fe3cf3c2aedad9390029a2bddef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5a7034d6bcca9f2307c6ec445600afd7

SHA1
125d2ff4600bc81564fdfee7b7b1313d1d86044a

SHA256
41bd3be2767832db177985976508c0c5819c25bb75f906a758fb25c394a974e8

SHA512
4ef3965c2a8b120b76fc66c212a4b88cad36e74cc6692bd3ecad32c203ab3b4766e0ff25f40a086ec5354a746507868d6ad581e8168204112e6bdbaaab8113fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
bba635d7cc32344a98e4dbdb4f73037f

SHA1
da0025b9df2b5956917b1c60acd7dd93fd523039

SHA256
f0e7b90ecd6ac037083f388fe8b22354710cec490d84b786c4bd57f18824fa90

SHA512
c6e8fea4cac96435ee4921f8eaac9d5a1c7ae1dcde3ffd01c26a2477d9222d7aa5b201c710cb163265603b8540b60912dcaa80601b8b71f9970ba0e1b853ccf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
50f3d532d0ef7e174002e8ec5db05311

SHA1
d33bd7cc89aea49579b790135dcee61a9b026fef

SHA256
a1a6950a2286cfa3099b5189b4e449d66debb2621c367ae08c5328d4f643802e

SHA512
20e19f36d6119478e78d7b4d314ae88b082ea69898686f10c771fe8f9127c5ad22f9f639c5e9e794a52468b9f9cd21f98c0078c936c7cec87a199e9bf843d3ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
750e5471462c41c216615a573bedd166

SHA1
c9a57b2581332d805f6d1187483f733c4aa419c7

SHA256
0668343cc345a6515ac3df01b5907f149e027106003c88bf86c7b76e0de5612f

SHA512
794a6fde86dfeed87a0398e2f50c35b281a7bbcc63dd958db2167b1c4e9f594f8f9b877ad3822e619c4575be94a8490bac900df8bfbbc0cb1317b89b872c073c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
e0c1cae4853b3a7e92698928c5730139

SHA1
6ba451e58dfb74ae79b4941ec6967b0de84aaef1

SHA256
0d108b456b263b2608755f053f6d471af786aac38558aa44085ce8bd593496ba

SHA512
034c933cb531308377ab680033e9d7f08033b05fe939545e80f0d5c56ac1839fcaa2c14d7e3306e0ffb17a63babd818a772a6722f35c6bac8a0ae202c5aa80c5

Download Submit