Analysis

  • max time kernel
    899s
  • max time network
    845s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    30/12/2024, 02:20

General

  • Target

    https://github.com/d00mt3l/XWorm-5.6

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/d00mt3l/XWorm-5.6
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3200
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaca9acc40,0x7ffaca9acc4c,0x7ffaca9acc58
      2⤵
        PID:5108
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1788,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1784 /prefetch:2
        2⤵
          PID:2984
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2064,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2088 /prefetch:3
          2⤵
            PID:460
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2148,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2372 /prefetch:8
            2⤵
              PID:3932
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3064,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3096 /prefetch:1
              2⤵
                PID:3908
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1
                2⤵
                  PID:332
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4472,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4612 /prefetch:8
                  2⤵
                    PID:5000
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4632,i,14999521081858164495,6652517560040061279,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4780 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:3504
                • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                  1⤵
                    PID:1800
                  • C:\Windows\system32\svchost.exe
                    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                    1⤵
                      PID:4124

Network

MITRE ATT&CK Enterprise v15

Downloads
