837f6441b7784d5f83e3b1d883cfe0d1ee2b97b0a6ed23300206120b9ec42030

Resubmissions

04-01-2025 19:46

250104-yg5xjawlfm 10

04-01-2025 19:44

250104-yf249atqcx 10

Analysis

max time kernel
301s
max time network
304s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
04-01-2025 19:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Skript.gg.rar
Size

237KB
MD5

a48d76e6d43a698cfdab6ef51b8ae57d
SHA1

ae04f60ef5ca250ae39a86b74f436a67d1f29eab
SHA256

837f6441b7784d5f83e3b1d883cfe0d1ee2b97b0a6ed23300206120b9ec42030
SHA512

16aad32e95abf3ef745439d9ba79045a0c0c7e6f6a826cf81380a19c7cbe36c3ad97a8e6d277a481cc40f3fc33a5b160b5ff810bc294fb8cbda24c76b143d418
SSDEEP

6144:DGudBq3VvupB/6G1drOj15/I7LzbyobPraYz+MEvg1ILCdj7Nx5:iuPewFdrO15/IyoP2JheZNz

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133804936195484213"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4018527317-446799424-2810249686-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe
4100	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeRestorePrivilege	2940	7zFM.exe
Token: 35	2940	7zFM.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe
Token: SeShutdownPrivilege	2120	chrome.exe
Token: SeCreatePagefilePrivilege	2120	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2940	7zFM.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe
2120	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
5048	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2120 wrote to memory of 3744	2120	chrome.exe	81
PID 2120 wrote to memory of 3744	2120	chrome.exe	81
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 236	2120	chrome.exe	82
PID 2120 wrote to memory of 1724	2120	chrome.exe	83
PID 2120 wrote to memory of 1724	2120	chrome.exe	83
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84
PID 2120 wrote to memory of 896	2120	chrome.exe	84

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Skript.gg.rar"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffefdb8cc40,0x7ffefdb8cc4c,0x7ffefdb8cc58
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1772,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1764 /prefetch:2
  2⤵
  PID:236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1920,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2176,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8
  2⤵
  PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3080,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4416,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4440 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4404,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4732 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4756,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4564,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3156 /prefetch:8
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4992,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4972 /prefetch:8
  2⤵
  PID:652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4320,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4296 /prefetch:8
  2⤵
  PID:1176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4984,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4304 /prefetch:8
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5252,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5240 /prefetch:2
  2⤵
  PID:796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5316,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3328,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5464,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3300,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5684 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5340,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3756 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5516,i,283019276808103865,16127901941412892656,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3108

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3784

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1976

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:4924

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5048

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
b90d89d780899f29885d85fb2360d5d8

SHA1
dacb9f0571c57fa9dc4ee54cb3846b9d9fb4f690

SHA256
ce7be1159bc316e0cbdeec6b49506b515765e480f4fb8a80887a1f96381c8808

SHA512
1b3d28cf08eb23197b903c6615dd6e032dd08c4be9e7a33a57289b61bd0f43642f85ba793a7e37c24cf573c2d16eaba10c3d6d704f951d4dadc0deefe8975605

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
72KB

MD5
43cb209da0740090172519ed6c1fed84

SHA1
085bd5ef087f7cac77b2b0cfb3353b54abd54dc5

SHA256
3a7f8be6d463bd77dad51cc40b5407ad923dd1a1f678979eb9b95adac8d393da

SHA512
3f522c8b72e42942e7713ae0efa4970de6a2f4b8e990ad59b09b00a2bc4a97a331ca9d8a6ce5e0a840abb86b2162e288d424472dbaad61ea432a6ff772e8c66c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
460KB

MD5
9561281456256dd3a83d26a384248a99

SHA1
1cc1a85b910ef6550ff541ca8c6715d461975ba3

SHA256
35f793f54d0341de2d5c2958291bd79ce725fdf5551d4c6fbd52cd7ea78c23c2

SHA512
86fb39744481e48be8289e33934db55efdeb5a6ca903e522ca661a3cd51026032bb435e565301e3815941a371451115623fd39368d9df5f0d480a5a42e33fefb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
71KB

MD5
56b4de33a9d129271188241d1a66b266

SHA1
a0aeb6cb5ed7d67aa1bf8066af0ebcc22cf67e9d

SHA256
ef88bf4b325e1d6b06b11dda9c5980082a7266e3d0134c70f95e098ee6404bc2

SHA512
41b3c60c2a15e68fba03fce678ddcd7ff319d60909b5a23ebb953981e6249ff47fb6bfacf58e42bd295ca84f46527bda9b2d00a9666b0bd79ab8eb9c86259e37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
261KB

MD5
86e8614fedac513112aaf1045590dc3a

SHA1
beb7ca529d8662a305de0fb9feb9ab3712a52a43

SHA256
361552d038068a07fe8876baeb628223fcb9a6330d9a39d2bfcc03a5cfd6a35d

SHA512
dcd5bc50432880428534602b290ed468d28e4db043a2cb0cee6c949e1ed22621e132dc76875f5c9e768e976c158e8468af33dc38ba44473f3351398c0ad6dfc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
170KB

MD5
409071ab22ac9520c2d6590cf0e771d6

SHA1
a16ab99bcdb82237f8cd3130e89dfa7e7cb5f1b6

SHA256
56ada4a90c9dab071d15f96683752b215a70bfc878a366c619858c4c0d02a33a

SHA512
32222a01776f2846070bbc8909097627807795be8668066c1176d75984c0c9f9a8dd324e64b8310df17758de378a57dfc705efe264b7fb2bc595624b4377957c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
295KB

MD5
4c84c26247c7e871b5b459231e6c24c9

SHA1
5ade3fbf8bb587e9e64aaa0e0c8f4762601b4587

SHA256
635d5339eb9449b38dd1057bf88d2e82f32cf202c8e0a02ae29b3a9a0d94efd5

SHA512
455d96845348bff395e3c7572d3e285bde26facb07cadc4c8e27b190feaba8512affb9eb9cbec2b2fff0edfd319d2a4276736a184d56bafab63431d26c588d3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
b6ed306b1d2200ec5bb7b35bf0508400

SHA1
9e657b67f59a44b2a39f7c96dc8d9996553198b9

SHA256
4d9f38b88bd040f25370744e0cac079644ab4334faafa57e814a3ad7968cc4f2

SHA512
93085603a4d2740fb681dffcb747936607194a5a55fcfa07d3b5e51bd0fc43f42708eab9b4f6261b89db5d55b1f3b0529da803e5a1790eb1684b0945273186c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
840B

MD5
17ec0e923abfd7032632c1ac1a489900

SHA1
1c74c639d6007030d558ff7989bccf2b9f39a00b

SHA256
27cfd99f6d5cd02c091a382503c9fb52bc4178942df3d3ede7c04309da5fc8d9

SHA512
a294542c1c4cc85aa1766bae4e706dd3ae28b18359b5646214e47421ebaa981ab82236f61c8e3b60800f8fc977e04a16462bc191a3c4718deb6df22656fbe9a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
0d40c3859eb38bbe5a95d8bafdc258cb

SHA1
6d0831b4476a9ee808631a6c1248bedd10b76cf8

SHA256
23ba90a1b53c33cdf91eb7c63c914da19d456760ddf6e247981fe694594c4ff6

SHA512
aba342c9d087e207ec18f1c8d59d1802b13aaa82a285476ecdf5563568797cb109d4bbc28d5e8f95b6b87bab59fb7d6430f155f3f546b044dbf43ae8eda2db57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
0e91a8abf4c167a36caecf672ac6f73f

SHA1
ee5a6888d387e5e599816c73d5d31ebafbb05e61

SHA256
d6e9d65156d233ba805d8ecc841b8b37248dac050934896cecfc8d560f64e938

SHA512
b3c06d59626e13fc297ebf8524cba27583aea3a8aa3affdfb67a7727dc35586e3ba65e100416ce97a4998e07f77a58145bb4e5f6426d60ee193ecc6d801643df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
b68343512a91d5bf8c32000fa87e2f92

SHA1
0887b15022f60623b7280e0d625dad310b81f5bc

SHA256
26cba388c0539e09b88ced0e9936aa73677c143bb8df82578b3fd35e15ec5ea8

SHA512
03d4b7725b975c91dcc2e748a0dce0e2c6e27612fec777914ec8418cbc17003f1cf30001251dfe85f3d71a5534b8fed9eaf759e1534f5cf6ba15aa7faec55068

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
8KB

MD5
54885a3bb01068633c74a95bc91055fb

SHA1
b9bd670717c138261e964b7ef4d7b6db26451bc6

SHA256
b5399e47713dca7490790df63c52136e16285fab324d65c28af89a4d28965172

SHA512
b16fd9774fde9debdc749a4f98ea59a5e376fe8526b55b5e765d56a00632dcc44bc363f24dcda80ef49c1f673e84b5393dd47fc66b5ee86775f3273fa646013c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
2137baad1572b4e9f688e2c6e8e0aa4e

SHA1
76ead610f828f6d4073a9710cb339e5a5e639dd0

SHA256
3a0750346c9a7e6d0db72b15c381f73686d2c8c95554eccc411bb8cf2d36e04e

SHA512
3c8f74121af00dbb5a817d63426f34bc4ad2d25d8fbb71cf88fc03d7f6c00dab7ff4069379b548593729c794e76dc7897ba9914492b42f8ba0c248d56f329f9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
998b92a07647f1a2b62aef55aeab988c

SHA1
4a558dceb4b8e5d0d05d89e9fe03d73ca21ce4ab

SHA256
45d6c2159a018c90363d98744455d0b72ad1b23191631f6134e7437513eddb8b

SHA512
4e3320ef88facb281e30c4b418a3e4b73e2fe183a428136f44047c29ed4a614475bb59c69e7c58fbe3099061691b58d36fca175d5d45b95a6ca2cecc0dff34f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a9f8a4050d768ee480a207b21c39aa4b

SHA1
d1ab4e9243d31efdbe25d42df2ecc752cde37405

SHA256
69ce848d2a7bc1bf3f0bcff906ad150294b66260b3d380d6c65ee5569fae100b

SHA512
c586c96e1d3b51e3b667af7d1f2f52c886bb478b5f4a22995beb3e16ac9edc9561f8e394a9556fa529e857867c1000e985f77fafe6cdc98ebce8c3cd32d8b0c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
a173b470681c33eafd589127e8150da8

SHA1
7015984271133d23ab286a5729d012e302ef7429

SHA256
93008d65e741cce40c8ea3f7cf7dafd532039f6103a269699e270092dc2bdf07

SHA512
7a006d9298ac3765418b26e36d13658b68fe4bc41f2597242df9aeff2b11c1721e1fa44d445f4e5bb8a39ec118fbd2f0dccf2518a1ee406c69db415b24a470f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
52a3cff98bc477265bdb24b9f13fd44d

SHA1
2130b3520d5c9895e11fd235523c32d152e874e3

SHA256
b5de4f46a393b0fce65cab4b157972bae7cb5731cfef6bd866ea0b9e1fc4155a

SHA512
4ce50139a2238fb68a61fca20d369dd754af668ca8e22ebefb25e4630c945da8ca09ad020625ade6bc1cf54aa7ff58fb5fb135aa3e4e9d4d34e2ad404ff017bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
184fc3e37bcb7829a9dd3ebf8e371eb4

SHA1
1ab752ac7a57babb4bd3edc9de676c70a2f8c945

SHA256
33dc11253035904f43dd35f5d87c540aba9d85aae7792fac7d6db91d3ba9c941

SHA512
b2d0fd849accc2614d4e8b6a63aa6efbd711d0954614b0f5d6efc8c274094bac6b165cad872ff8fe0c130cba69c85277d184c528b4be5b5f9515569afcf075e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
62a57e2dbc65d439c43d2e544255354e

SHA1
e1cd3f0bb189bed34ab4faab46468b91dc969155

SHA256
3afc1bdb06a8da0ed31056f5f55f8de25c970689242458be4a7959f6845b0069

SHA512
e6a8e92c982a80f1661c041a54d77bd232381bb3e01baf71e88b6076c3afd71d03dbddbe71ea411bb9c5971ecdcb6cad8df7b79bab4bc7e3b4313815ea4e2c39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
ba9eb39eb5e6662eb443ac709084f019

SHA1
6ca859c34e21ed4aded4a74e43b14c188647c125

SHA256
28dfeb4092f46d73ad185d7869f32698bf19f2fc4ccfc428bc65255235247e14

SHA512
ce26075cc18c7d14b410c0f245a0846c856a3ed3f5a1ce9520c1f0d11cb7b4063469c94e8c13aea717081adb29cbb51a9d07bc47284cd0f58ca590061d54b93a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2f34fda8bce7ab7763a35dbb98b1993e

SHA1
850361a38112848b9379c733dcdc3f8cf6a6ac77

SHA256
829f819845c8b328c6e2addb3b12ef53bada7cb275227de93216177f5dd1a935

SHA512
9b67d5317b560db56714bc2c181bd39447dc15eeaf67f1f05dde7945012856cf4d91001c713bf33123f2c54e0d1e93d0b44936acc81e17d9977b8116942ffb7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
2cefaa5398134c990b7b130302839cd8

SHA1
69e876f1bca3e3e1d82b203b463aace09ae1dd96

SHA256
92a056b1a50e5a9133c91fc31e7365ca3535c3deb1c80d86aec7bb2cc4f283e6

SHA512
665c29c63f836638d62ceeb6c232b9e7ae85742b1e484131d417f6b8ef626139dda5b846a980d572ba3e8088e13629e0a8a22205295dc3cb3f9855348bdfe0f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d34547706e386b7cf8787ff057bd55f6

SHA1
233d407fd397141b2a027b1c636537134153cf0f

SHA256
0a4d94c7e538d20741db30e444580de58a15b16ee0dfdb09fb26fead39a348c6

SHA512
bc422f63eafa2a2fb806e8c1b4e1bb8c2ff023a4969711cddca07b6f85ceaff60d44aeb7b42f512b4ec74b147a53bb058438ad239bc4fcd571f22923acd98f86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
edb90edd40aa5abcfc7a3c2da9389efe

SHA1
b6629d16ca603435356184cb90a29931794f0168

SHA256
2f55e3e08a63d0d4f0272ad71cdcdb74bda5068159b2c45c8c3c37aea1725d90

SHA512
a8e0ef2e918c92d1ededa7d5bbf8c3958fc3b1c16cf24f65f9ab21c71a3846018e28afcb3d4409cc9a2fa7942717a1753ea7ee3233689e8689770accbd3c67fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f4871b8abe50c120fdfcfd519134245f

SHA1
f832b5e1df9e9af442cedce71a7e4197b9195de9

SHA256
82ee5b98692c64df97773277e72d8346eb4e7b14a6b3729f7c3ab1f9346b011f

SHA512
af21715b38606f71266d89b5e5bbf15d3073837787f0535e233984560096d1236d83f724126ec1d104cb4e7e5c2fcde362e68369f8c2f163686a53f090f0ff7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0ba711238f4d527d51e0114212d32f1b

SHA1
0f4304d0ac8cdcfa38f419544196cc086ae13ca1

SHA256
a0e9c107df622d30a104dd8a055e1becaf9b6e31e0964f6d86bb43fa6d263139

SHA512
9422c0e691f834b03553866ae2331448bb571ea93d39e32c3640221bb314b60e216682ba194658d96a4e2946ca98679dbb321182a5e08d61042e831b5c6195b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9c50503381b7b9abb5583c1bcb36082d

SHA1
ec44544934863ac995a87b72557267043d9cf7c8

SHA256
5aa1a3fd8435eb25b011e5386aa62d2166972f114b3c49e192d2f92126611801

SHA512
5a5733570bb9bd5c71a28344ff435acc49f23f559e7a2c208ee3cea52b162877bb16cd5a169677c7eb030b9e72600018c34b9a4c18ccda23b7ea89e68bc7bc40

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d62b39064624ca8d543420043e64a917

SHA1
c50cbfb3adaea7b942e655b2df47d3df616946c4

SHA256
ac61b0b93e2ac09b0d5e256938873b9902c71bbc87281d88b23bf00a56e5f23e

SHA512
804961146dce891045027ba8f0f1922d7ac2eb26b0ce23c37ff376d02b4b8084639b52ee1095a2241ae40d28bf1f1068a46daf8f10f994606ae66403f7402857

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
77093861b5c123f7cd191f6bf421db96

SHA1
fff83d1170dda7a6a76645527e5e029973a3933e

SHA256
d4e22158ea23c9ab959dc17c9931a8ae46e02fb40b44a7ae65b8644ce6af8b8c

SHA512
195e038e097304df947a5e94a52f4497269e222d101d3c48698d1aedcfe6d7417462acd104ee7e304daebaeea8d8d91439210ee3454250203fa4cedb1c161134

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a7820d2e9776cce61e80db6d3180aa28

SHA1
a1ca6f042d9daad07098ecedf9808487ee74085d

SHA256
52d216f84c63c6384b4bf84a7f6def6b5495e067f74ecc500c68599f43583466

SHA512
852d16a42991ec2d14e0fa014a4fc227f32ac50d90f61aeb4224c920a16ea3ecaa93fb57e7295445180fca62510a6941b1d7ac8ac452e6436c73a1d680dcb061

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2d35d422fc31b99c43498996267819ce

SHA1
9809d844b76a0a4bdfc7c9a51c3483ccb197714e

SHA256
76967d944987095fa6f2ac37d16ca19fe9fe261ae5bfb1456c0b06346601e87a

SHA512
d01cbc1cfc0d39ca21e833c715ce0210d300ae0db37ab64d188bbb0a38cf5717333c1e532ec59d2c0012cdd3c2e89b38509d213698fe8278ed7ad5e0ede5f947

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
53f30c33bcc90974448c4124f9a8da46

SHA1
4a9fcf94572d186145667480d8e344de3b711287

SHA256
916d948b385e68bbc0db7728bb318ff4b4ea4f1f3de430005fe4a4c348b16e26

SHA512
e92d857d6bd6983822b3ae6e5d870102cde313fc9ec609a73e1f7eb00431d721c727fb3fc464bde68d45f56fed9e4c0793be2e2d831d1d9a0be42955d4b80a92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f2c6c6731825162c6097c9f2e64f0fcb

SHA1
9407a6e68b8e9ee2e8676803a40f398f83c9f92d

SHA256
c35073636c3f24c530957b0141ef3dc9260157b8e1bc2dbf4da5b1fdec9b2c2f

SHA512
ddf33c9ba5a5914fdef3f9a7880712fed4055689e3b14be327299e491be4cd3d98d275211105f96ab73f6fd43ad91a1876303b32bebaf5b962949fb24c9a51b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
091577a0124fad8020a4c436400420c4

SHA1
02dd9e95dd715c6b74da0fd8689fe3ae1803f244

SHA256
b4012880586eb87e9e17c0dbb3f4c4f67787833e9b9c2af21b8667d91d5570dc

SHA512
5e17ad8eacdbdaa5991b0dd8aaab564c86d2e5234544d70d6a0194661c4d3745cce768eb0d67babcc92d32a5e4712ca7062d374834a2e3405044eb5e74d0265a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c6220b704faee40a43897a3b7c2ef061

SHA1
20e91cd1b78b8caeae58dcadc8430274aa187581

SHA256
1593b1a9d248430dc033e552d9391fb39821fa7e687889eeece4a5955c769e42

SHA512
1216839a49e58ead4a2807cd7798e7d54c792b5082674dc9625a14f93d2141a4fe501b6632a520c53d2050e18ceec4f18dba515210e83fb08164a145fe1622a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
2312fd30b7992ed21ccae569342f34a0

SHA1
1ff96f89d54a9cc4ca0747e8930f25e0d0b4ad35

SHA256
4ef6f7b0f1769e0db0321f15180bc89e258027081e5e7e5a9813929f9369084a

SHA512
b1ab0499936c1084a37d4282d9c8691ad5ed844352106fcc21e6c89c9219815208453df0fcb69286d46ff9dc468be63817580627e96cb50a63af2ee0d2a64b6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
972d5efb0f9bf0e86271393f502e6701

SHA1
eee0e4c187d7b400ab0b8e59c4d656608e609518

SHA256
18654eb8715fa86f4eb5252003f3a94aabbef05e885ed4b60e2cab0a2dd7a9c4

SHA512
91505196ed5d47e77b1944a41ef1b2876a343f56fa3509daf1001c18f1fdf027eac771c3bb96e454c516f528d316d0e726830b3203ece667353e195553f8a54a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ac8b1d4cabb2fdded5568b5f0c67d29c

SHA1
093a61c48924b5a60350096780ca773b125a0a71

SHA256
33df4bac5bf9789a039f90ff9f8e4d60532b2b6930d39746a6bee6b35e9e8330

SHA512
960d14d5dd8c3eeb6af1e668a418cf876d1dbbc6b2480b19f25e232f307fdf516de0279e47de0fbdc0df0b784cbdf26d1edd96c806393c3d9a2e0022b8763fb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b61d3322e1167883e1687beb3c0e1f74

SHA1
1bafce703a1d2f8cf41a703611e472b590955829

SHA256
b4c719d85df906ee75642b6c2fa9dbb520565d21bf4d5235dd071ba8a5e70f99

SHA512
31660931c613efbe321c1be619fec3834710f119f28f5793d0d404f31326b7b1f611acac6c3da38094b8b1c3ab0bd78828da789181f08d245982d53998e12761

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
95ff95854fdd9f5a081262f35aed0cf7

SHA1
1e893ab9efa7d47d38dcc56ff34cb18bcedfd7be

SHA256
bfd78b2226091c91667039926a710e6f0363a046e9033e4c325f0d989b4544a7

SHA512
aa25cb6a11f9d39917b33cf16094d3e9aa789b2739e224a6f274eddaaac68e65e30f1fe98f75df1e9b912fd5dafc6bfe35f8136824df96d42eceb177806dedf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
13800a663ef2c85d6aaa7ec64ce4352a

SHA1
40e41f9d35f067f501ace0c9093d08255ce5a640

SHA256
9dc4bc2e3e6d42f302de82383c6b3476f9a411a4a57ce95be2625c432b0266b4

SHA512
1247009674a9f9164f22b9f100b71bfff6f42b4cf9641d54182213a3fb167cfd980eeecf4263d5173f73f42730182ef48fdce3e14f740e1bcbcbcdb03303e324

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
904bde0fe2eea5a466f326a690697ca7

SHA1
fd0d8427242fdfba13bc90e1e227aa114f3fd61c

SHA256
9003d2afc4938d68c9677a0d525e99102b4cadaf7a4ee2bd7384c8453f50d8e2

SHA512
fbde7838ea98ff64a54863f7b969db8f7ca03335554cf060ae3bd3ace9dbdaf4e8520fd5853f2276ae8668a0f409db37c27d3a49ef711b60ae21992f5c01659f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
2becd30477111e286758835de25053be

SHA1
34c8475e6297f87bac81fc5217cc32fb84e67f51

SHA256
0f78008af10c10673fa8cf30dfebb4f1426b649185d6404427bf16e87de8ce83

SHA512
dc3ddfbcc451b9322d34d5088da3f2518b33dc9b3e49bc80badf21c63a912c4ecc46de4d9d61d563560c0bbba80149942123eb69968b9bb7a6e239471376e4f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
03a0b3ea72bf7cbaaeceb9c37f4b4369

SHA1
3563cd23c9d3048c1f86b1aa768239b56c24e5bd

SHA256
06a844a00eab92cf6d7b2f347c6f56d145a2b63ca6accf8e6596f65e34b45a60

SHA512
e13c10bf29a1c6a2f2e3835378d13cbb5945e64191cdfc08e2fa495bb0da6f04380b976ebc5b02aa338a0389d3ad0fa9bc039bd8bc52b010ccd89fe46712d419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
76B

MD5
a7a2f6dbe4e14a9267f786d0d5e06097

SHA1
5513aebb0bda58551acacbfc338d903316851a7b

SHA256
dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc

SHA512
aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
140B

MD5
882819376d5de57cdee474f5adaf6837

SHA1
1925ded870ece938320d7020497d033649295675

SHA256
a322df0d26ceda280b83ca3567ea39e84f707d534cca8423a838a96578ee7a3a

SHA512
7d4bee16a1ac5cb9f28c2c1cbce9869a5f0e23f2b33f09fdb0338721e06980d01ffa2ef1994b8259683c7d5e928e6ad6a07fd183dc64c66c411e799e310558b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe589872.TMP

Filesize
140B

MD5
aeb18406e4a29d79f35f466f999901db

SHA1
877f4c68bc563aab5622827e41f694d3e8e68718

SHA256
c9d7e5841972bda9243f469cea2e0cb87997ad5d2f0d96a6c22e3e344df05592

SHA512
a7f19fd520f2fda508915f6d1311e3d88767bde5e3109bd063755068988a4036365ac224eaed8ba78400e117fc1cae843a1654e197a0f943eb0ccab0b8a650c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
9020cc2ce70e86363cec6dbd7e69653b

SHA1
87f9a604b74b59d620bb9d4c76ef2a93478b4ff6

SHA256
1ed14cd3662653be38b1c157ab138d9b6043c708794c8bd18d747cb076b8c9df

SHA512
9f24c9e63aeca2c59bfc0b9fc2e93eb7daba4d29d564e598c760090f01e602531fd76ca0a989c3908bb46b2e236727cbbd0cd1ee4ec3088e12c3413a09b7c233

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
6f469959d3a6cc57b3f525a3ba97c71e

SHA1
1cf8da317a6b38cf440c4c9eee3eab6a16809360

SHA256
470e8b1b3fdd3483784165de8eaa54409c761cafa2a75740a270cb5c566be512

SHA512
70a4c45a2ea6c687570baaf8fa9f628cf0827a59043efd356ac32d3e46288680705e79fb95188ff169c5ee79594a11984f2d4efb9895291038d2e330b426393a

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
2dfa537d7e7d11c7781652cf2ed49a6f

SHA1
f6b77ccf66633ed19c707364e90b7b9be2e517c3

SHA256
09efc6acacca137ee3d416e4f8f25820fde2508012a5d1be643044f05e1d294b

SHA512
ddeb30d036d0e096393b90b9db04901525a68c08e0de7faebb921461f4b60c56f34fe5e1677f5328f64456a0e1de8b84b2c180ddea97daa29992140099d8672d

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
b7443e89f0cb29d51ee6a257750e54d2

SHA1
84127eebf275e781d5276af6fc4d09c5a6bfb7b9

SHA256
8226877d6ab2e4834aea6bc71bd9865b28d0bd1ec2e8b4c23b8acf0301c56f26

SHA512
446cfe25d82f3bbf7badd324cae691ad62e13bd7469e415f47b9141bddf30679219c672937f4f6768796c2936c3b9c557fabbda1fb51c5edbb7c1964bffa17be

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2120_2138573024\3f89b2b4-ed07-467d-8159-f58cd8a14472.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2120_2138573024\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit