hxxps://steam[.]communitylistwork[.]com/sharedfiles/filedetails/id=22958664

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
28-12-2024 18:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steam.communitylistwork.com/sharedfiles/filedetails/id=22958664

Score

6^/10

steam discovery phishing

Malware Config

Signatures

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133798836185859931"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4396	chrome.exe
4396	chrome.exe
4396	chrome.exe
4396	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4880 wrote to memory of 1092	4880	chrome.exe	86
PID 4880 wrote to memory of 1092	4880	chrome.exe	86
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 656	4880	chrome.exe	87
PID 4880 wrote to memory of 836	4880	chrome.exe	88
PID 4880 wrote to memory of 836	4880	chrome.exe	88
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89
PID 4880 wrote to memory of 3264	4880	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steam.communitylistwork.com/sharedfiles/filedetails/id=22958664
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe069fcc40,0x7ffe069fcc4c,0x7ffe069fcc58
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2088,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1764,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2052 /prefetch:3
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2136,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2572 /prefetch:8
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3128,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3320 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4564,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4580 /prefetch:8
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5044,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5040 /prefetch:1
  2⤵
  PID:1852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3336,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5028,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5124 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5076,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4964,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5412 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5468,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4908 /prefetch:1
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5116,i,17281779958397631534,12895865135531561357,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:1
  2⤵
  PID:1700

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2328

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1f49ff59a3e789d14fbf93c1b1a2c5c9

SHA1
87fa21921d3cc4c38f50498e1c8124f864f4faa3

SHA256
162c11031759157807f78a1111b3f64d1b572d153380f39acb39752949d8aa46

SHA512
b4b31f656358b4c27fd69c16369dbd3aa45a7806281385d499e72894cbe4138d5336f4c0f17a9912ad4a05b80780a00555ed91b1fdb5d4108869d22ffc79638b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
19KB

MD5
176441e4bea94956830acbd90b5812b7

SHA1
6bfd6949de08b74c4b7c85af9f0fa17151bff924

SHA256
ddd26dcec1a2ea861b2870bd6023f95ae8ee92b85f8757bce02b97205b62a74a

SHA512
abca2d7b7463351278f41843429f61df2471c631631546c6ef6a748a3813391edfb0268c17651c132fc932d7e6452cfb95af4be8883c149086ff46865b83a94a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
36KB

MD5
21f4955f4e7a07d5cae4a46fc74ab263

SHA1
3e3e25ca71bb03ce2c9b2a495b346b9653568b1d

SHA256
0870954849b1ccc0e6a9754cfbd3ce33f791cde77156d1f84519713ac47c37c5

SHA512
ec857db1522f15d6b769dc775550eb0023e27c080de45f6c091bae25b8524ed17fba0ca84af38459bb1d772bf479327b031e5ef677d3eb7f65c703c03fc70b84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
27KB

MD5
1b426a95ceb50d255df9458733818c61

SHA1
7af69a7e2c5bd92650e794942d9398614b502fc9

SHA256
8b37c74dad1ba4db120faeffbdb3fe0c405bf9d8b2b488b81332cd564f88ac1b

SHA512
40f9d2c1f86474a951b5dffea502b2366b2cca4276dba18183f36b33ce9b72557020a7de2f0f467da7b2063445807c3724bb43b4a069d98e7b2b17c832d289b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
36KB

MD5
80c484a058ca2ae0f9bc62a38223d496

SHA1
8315360b781e7161b79df6bc8def9a66db7530a9

SHA256
d7530b224b4842c08b3bd6e33a059d33cff50653f06b3080504785c6c3997c7a

SHA512
5b3aa4494da9bed0fc7e7fefe00e8343e3e63322b7923bbb959a0d274716da283cbea5ebc4b59f4e508b8167c32479ffa3ce8b36465c6563bc20101aad9f8608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

Filesize
23KB

MD5
d48bf65711456911cf327c18ca2fb6a5

SHA1
3ed0ca9d1f469f5fdfc9f51612b0ae3071907533

SHA256
e56c441accbc0c0f8ca8554a77a32b0cd0bb9612cde3cdd73b1c89bbaf29b112

SHA512
83bf2f44ed404b078f8d3acebeaecb76b0780ad3954d07781694493a01c7464f0eec92b0f14cbccc90c5111a8058b7e1ff81bdc7090871f6bb6047239d3d80ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

Filesize
32KB

MD5
ad6a2101f96364c2d3ee3c271b3964c0

SHA1
1e26ed208a7aa4f2f5740cef06feb2c13d719938

SHA256
f579e2672bb674ccbca8b5393432b3e19ae0bd162e812f8d59e15467a993ab67

SHA512
09cf9880c1dff13410e0537b6ea6f9f346315ca1dd3858f90a00bb01d541513e42af9a175887bfe414090ca612fdc8fc407bea3e7e2950d50f40a97ef2cbf66d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000058

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068

Filesize
119KB

MD5
d45f521dba72b19a4096691a165b1990

SHA1
2a08728fbb9229acccbf907efdf4091f9b9a232f

SHA256
6b7a3177485c193a2e80be6269b6b12880e695a8b4349f49fccf87f9205badcc

SHA512
9262847972a50f0cf8fc4225c6e9a72dbf2c55ccbcc2a098b7f1a5bd9ea87502f3c495a0431373a3c20961439d2dae4af1b1da5b9fade670d7fcaed486831d8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098

Filesize
16KB

MD5
8d76a94fa5dd196c8841484b51b55a6a

SHA1
c10f10abcb7cbbe1569a7fcaa0735d0c7162edd3

SHA256
fc7e54587eae1e220b419f2e2b4c0ffdfcdbb777edf67441e01ecb1032c8049c

SHA512
04da8db8734475fe4e0ae572751955b90f5340e66904b6dbe7c530f27b930a1d21b69c72611a1128ac85b4cba19c78d5da745e552b08d4bdeb0bfbe9042d4cfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
86a88bbcd6f203e90d20051e4422816f

SHA1
e89c960104ecd0f6d2bfc3fa539755ff824887aa

SHA256
d83d225cf85d88976944c8e352840adcea615d7bf1166f91cf76b4305d092246

SHA512
78afb75c110cb50b0137eba2f6ecce082e0bb428a0b68e6d7d758f01022098f75fc88d380ba24fa3ab49b505f122526ab137311c8d5c5a95a612ffce558689d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
936B

MD5
29c0e3815e9ef6bc3f4fb1fd7bd966b5

SHA1
8f4d592a11f3009c3f0229eb4d13d0616f0ffefd

SHA256
acf3a6e7ce414808730307388216363648e1ec9264fd3b08ce3bb9c3a22a8094

SHA512
24a27092ade7f567ff453f7d98ed77d910901be19c26b3045bb28f146fc01c4809f7139e2eb41bc24d68f7bfcb0f74683de9e24550219e50f0e9152a9d58d304

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
912B

MD5
31298eae60e1a0e5bfd90a882f3915c2

SHA1
426862cd584036b76d9375e3dda145b121f786a2

SHA256
3340ac3c091791426464f6107f6d485622670e745201cbfe5b8020ae59d53f3d

SHA512
482a2ec12e5613d702007b8a0638dcc56cc85e5ff27b5e15b60ac0f09dca85cbef798b4e1108cc1ecb9caea6429d1cd05871b4c90f46405431bbece529107c4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
29189be0836c6c36bd9207002f8c0436

SHA1
a726ddcd63ec95f41af76cee1d51cc0466d87ed9

SHA256
c5db84bf01334fcfb4ff52bcf549f231834586529fea9f01eaf42f26ba53a8c3

SHA512
0637f2a61031c80748514c34031692ce164b01fc820f424eb2ae04ce9b7d7598b4ce3640b9e4df7e664ddd460ce4d84c6e6cbff1b7e63ed7710f1ee3df6b3dc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
eb11f1ba1ea844bf25684ae861f96670

SHA1
e789fc0b843ad30cdde07cef2751f753125bc607

SHA256
d0c970290b562e9b877d6ea757c5e1b9f95cef129eb2bd3085f7acb2616ce8a7

SHA512
2be202410bf85c29c9f15062eb1920b590e0265fc97faca44c25eaad5f5b7bb593fb2db15c627d7f5ffe56c963f9eda41bb021d84a82e382545eec3b7f354223

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b2d720cbeb425c58a9f461eab19f37f0

SHA1
8ca4f4a8d02c44669227d05cb5fdb502272fbd97

SHA256
1b8b220b9b616842e0d0b58f9d9221653be6054b464297a47abf6494d59516ee

SHA512
0a0102a39b730f8aa142f847e44dfcb854eabd669aa7c44c952125fde47de265f15c6d9c41edde101673062542a9343d5e93d6b20abd3f53ebb8d6e56aee0f03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9b8fea7acc464af7ceefae3fb408c1f8

SHA1
892d97966dcff93c47bcf46aa8b276b36878b267

SHA256
22f0455dbff4f04266b4306356f541858e1077e980cc9108aa41e57cac0ed307

SHA512
1d9a6fee4187ccca3f1ff686e83b6804b379f1eb548fc2c7f18e5296c50ebfa593687ed70af51034b3777dadda1774bd21e8fe81609da1a3aa6e350cfcf29f23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3670cbbbff6cf594033781f565e277eb

SHA1
ea8f98319a27f1d0bbca72d819784dcc60422c45

SHA256
ad26011649d1a9b8f76833bfff4b735390346e5fa551d72af3e3d54cb463c514

SHA512
5d2d5854cd9cd8db7e0aa751ef7186814454cf51358ac2e70e03eb42fe4f773e9741b429c84cb03f8c154333f9aeb992ba926c2f2ccbf4da6dded5c237c2cefc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fe261e6f3979ec91f49810139577db1f

SHA1
168d41375fe61dd4b21f396f4d898b5a06533ea9

SHA256
76013e6cf5aa1d588a432d8df6b89028be53d36a471cd9071415ba1cee33bb00

SHA512
34168e57d77c405db40f153ad29f3fb4ec8f98c4ff00b6de9fa60a716dcbd4e6cd492dc2a2ac34d29e0698a9727918e333b885f69f4b70b5ac5a7e3fb55bf3ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c7187678e69cd1972508f3cb46d61b3f

SHA1
9b5bbdb2de4d92ae31529a9e2bb391cd348b25d2

SHA256
d64ddd03a982e243dcb94f7578d78f877bff0dd0803f842a95e39a38f30a35b3

SHA512
8b85349baab1becfcbe98995310fadb9b128148291248ecdf34b4b6cc3511a0b2569eaad31bee874de2a07a07e9dd036eca09fbf97c0c5dc4fd47ea4f80d3c7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9c4f341d3ad1d9112c489a874dafa283

SHA1
9cd1297f62d184de10ab8c5d1e6edace8e158bd0

SHA256
0f7355178a3c0ad56f2de845d25a1b53f016e5e3a22ec799462dd02b91b24454

SHA512
7c73e6d35dbf9b6daa6f7c6a05815b55200ba76f0f4c101b431a6645a77d167adb0fafdda6885c7607f10149a00bed6967014a113cdc98351f3f5d85ed909fe6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
168e1ff73a0056ff713bd275252a3f71

SHA1
364931c1781aefc90ceff39b39d357ffaa3660d3

SHA256
842f6b9d8e4b1b5620a02908f816007e5d184f2d85eb67770e5676267c8b0b28

SHA512
5d2f426c9453c3e2fb07204a2ac216f770523535380f2cabb83dc6577f1ac5a2f35f4080c6911419b2d0e369d8b5811162cd9a98b13e2b0925068925ddea7207

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
86982cafc7bf97cf662e31b178621121

SHA1
66a4092d2903ae06fa6c2e2d8ff0c00090434a2a

SHA256
5596e19f6bc6f495a56dd71a89bb8e7409ecbdf1302ce092ce7a0c92a91367d7

SHA512
f44efd1e753fb4386f6c5a5adae82fb9f5e756a213aed38e79654ad4f50dbaeaec79f636010a3bc2d502d7ef55ed7636e889507cfd0d66c34f85d4ff04977403

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cd895e29160d91723c36abfe150ab3c9

SHA1
937a89b67455ed5b273bc51f15424ffe5b3292f5

SHA256
d3a4d2bd3fd67c45fe2ec4d51904aa125cb73eb56954ba838d110330b18f65ab

SHA512
427dcc2300e3af85122f992ad01e8e304accab98a0308505fc9ecf3b0ee7488484479488fddc74dddf0dfe9d0dc111cc8ddc126ddf88b5300d432c7ea021b912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
8418ec4c54bb3632bb58a2dd46fd8188

SHA1
5ec82a282a07e8482b6cd4df4bbbc52a68b4f3ae

SHA256
1d5314a5a438285f144b1e939d68bdaa1ecbf35c0bcc89258f28d7b144625d17

SHA512
72c9c2fb02ac8d36cdafd1dfb3b91a154129978fbfc94e0fc833b340d9918cfaaaf3f20eb072bf4befddfc808f07844c8869d323ec9d3826eee5ef37b800ffdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c2768daf8338e95401a71c879f9051d0

SHA1
13af0f21bed5fa680d1906def6ea0876a82a3276

SHA256
4b7607bd1c136b872e9fa0915a1b3b2bc2fdeac98f43dd28e811085d0fcda28a

SHA512
fdedf3a95cdaf1ba2c1d21a1bdd4b87b4663ad9592f9cc2852b8164c23ed4af7d535cf0d1a93ad0d509170b0faac7a240f96432474894f8b4dfcb30d90f93617

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
08490f41290e6dd84cccb58021f8490e

SHA1
ec3ec11acf5bdef44ae02df319c260cffec8cad5

SHA256
570bcd87fe1a6dd6a8ce5b2cf974cd378cb0ed858192de7a4d1cedbca3420ba4

SHA512
406468c74bce03ae7094a0839cd4dc1ea0c38129962ae5256f32e00cc5ff0a162f27738cba6ec2d9af090b9c5339d36e1c81bd848880fa224b806adaec39c38a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f7d3fc1bdafa9dc20e57d389914675c0

SHA1
9e06c000bacc4693a8843d00e59b073bec933248

SHA256
1239d01eabfd868b12d2784ae914bb87f695d1bcdabd1e3cb90c88f5e6231949

SHA512
5d600b2bc4aac3c77913dda5b389d729fd08e8f192fc141c4fd77aabe58e07793da6d4bc404a866c796d7968edab7c9fd243866d16678b866ec5516997cd17e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cdcb87d35c92a21f37552b8ef7676b37

SHA1
76d0c4b082b969c3482db25fe0382aed08b678d7

SHA256
0daf278f3fe389286ac10102bd99ae556228798125c2f9334da1734086e680c6

SHA512
e329f01d77740ac83630fcdc4a773c62a33da3f0e53de1e3bd6ca4ecd5aae7c0db91aa844c6b9501838eef7668155702ef2f10072cf00bddf781aa04064dbeaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
214df60ec6d8b2fa78b6dbadfe620e37

SHA1
05a52bfc5934bb4f1595314b90a39793627e3340

SHA256
720710e2aad11fb0b768f4b4e54fda82d2fb638abc3a0f4150d42856a3a46569

SHA512
e008b5286995c4cfe70eff99c516d4687cc6cc9659cde6e09dd9779fea9e9203aeaad92c0a6ef9ef07c9a2188ae09bf572d276054d9f24c5dbcd4a0a0c25dcd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5b46a3405a82f273bdec36f86896df53

SHA1
ca6a3196fad53ea4b8ee26dce2ad01b5b2814b44

SHA256
5900291b3706aa68ac45e2634bef33b3f7c297e41d0a59117630ade8b6b30ecb

SHA512
f4a0fc5deb264e9c249f04a03f63f5abe9f0bcbe1391b19bac1b1983c486ac35bb2b6e91c3d2fbaf21d065313227a56b2e5432ebd0fac68707047968e11b41c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
047d2ac0d229041f459ddebdffd9f706

SHA1
40abd15fbc5d86a8c52c481436309e9a3bb85c68

SHA256
b8b3135818696f58f549484a1aab73e861c030fbe860f30d4cb8793e166e1d7d

SHA512
9891eafdfd61afbe21aae2b948d9a6c6c43bcfb8928187bb71f05ccfa2ca2ad95cc13aa3052aa9f069a1609d8349182a0745a6fc62db4a035d5af4448809849b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
2a9a06c13f74f15dc52fb83d8dfef3db

SHA1
9212ca440fdb3a18771223b6d60682e05ab6b67b

SHA256
c27e6a8f5d92213ce3fe775e31898681fbd27ec22654583d0fcf3a1bcb4a2e5a

SHA512
ea4b1c7d71048d1a04221f2663b3e00bffa5bd626493296699ecee5fd420fee67788601abd5089f6cdd3a1d6fdb76f5ec87332b6cea33f83a5752153bf9b56c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
e59a65e7c68a6c3eb494cb679a106661

SHA1
ec7fbe1abd628b1448be49fa9fd0731a7e541279

SHA256
133c5bb7d38cb2a94e2d694b68a324ef431197d71aeb3abe19588afad7a0a66f

SHA512
5a4ad9bcbd3a188813389f0c2caa7ca7c005750b820bc756533cd85b7823694067c79b24a30d2d1eabbb454796a4838559f80cf02df5ba66dc8de122ed16465e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
6917fa965243f4761ee7e6804786880d

SHA1
c8b253ff7d0d57cc55b5d4f02b999afc7bd24798

SHA256
e38530d7646889945be446a0d09260715be3acb641920eb86215b119c74c749c

SHA512
6712e4ef6b0befe713e35f667e091c470112681d122f95b89be7c286a1c5d477fb2c47332aba0cb9891980278009f295591f2dff408014a6731d1275bf48cb7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
1d84674c4739a8568cb53178031d9e58

SHA1
b6ea76e48625e397acbab2f57d14029fdac3fd3a

SHA256
b44db88e64b6db1e00b7a126dde817cf4a42aae5428ce5747081b5dc75cada5c

SHA512
0ab07bf73bf3c58c0c5e1fc5e855310724d2f762aac92039f85e76b7d97625184406b6b4f3b5e4ff1184c8c8a8a12eace7502754b02263811ce4bba40dd05fc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
3017e9bd1b60b899f8b0b7286c7abced

SHA1
f19ec62f240119e1e13b4be1f2b1c22188495845

SHA256
9253eaa6b632145ad6f02c1c9c558bf2b9be9943501dee4286b67748bc5a386e

SHA512
7f95d706f2d4c80d35d8ba3ba21aa05d1fe92f3670ba3d2dfd5d4bfb11d703c7e49d7fdf13f5bc6cd3850e657292b15a71d82035e2496957f393b848ef41c4fc

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
ed2111c74718293771c748678cb23a0a

SHA1
56ad4490c924fe7d482dc66318483b6e030520df

SHA256
e4a23a23d0686055171c88ee7800d7ed2c9ebf7a0257d9eb7fb4f571eae4a49e

SHA512
5b3e69c829ca2f45fd9b275e5937beeaeffeb1aaab71e2b7b4896c95351f71613f063c88eb76ed5224f3b7c9c726e8bd1cf8d0491bcf0c8eb346554d4b8b9ad5

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
2cda7041c23eed68d47a0cb20f9b6e79

SHA1
70c6b83cd1607243c885080e72f9ab0e1302bbfe

SHA256
58676c92c36cba3f5bf7e2c2cf46bb764fa44d3501b5072f2a0e587bcb684215

SHA512
e12b7a5775a1aed348267b3a2522c0a8c80faf5d31dbc6b78296f1e12992eb38efd59c0573af6337f20146e3fdd5dfba04f68c94b08ee977165744877716ef25

Download Submit