e14e640f0c368627f0ba0dfa15632ecdfadfb7b588eace0c93a99c1171339264

Analysis

max time kernel
147s
max time network
142s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
05-01-2025 08:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample.js
Size

53KB
MD5

21faf1e97f0b58533a88785a815528fc
SHA1

79bf8ed4aa34400b86aaa7169f196605c0517c4f
SHA256

e14e640f0c368627f0ba0dfa15632ecdfadfb7b588eace0c93a99c1171339264
SHA512

fde5c29f7c9d45dd17a983ce9cdf7c2c0b063c1de81287eb1341e2cff79005749113dd2a071d1993ed19361482b839feff2894495f71205c359a5cc4060affde
SSDEEP

1536:K69UFLCkupszoHKQcW2SqpESkNAju5RI6ZsnJVr3a5YSvJ6VdlhT967Q4scl1+Zn:19UFLyOzoHKQcW2SqpESkNAjCRI6ZsnF

Score

5^/10

steam discovery execution phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133805377645563587"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe
2064	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe
Token: SeShutdownPrivilege	2096	chrome.exe
Token: SeCreatePagefilePrivilege	2096	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe
2096	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2096 wrote to memory of 3604	2096	chrome.exe	80
PID 2096 wrote to memory of 3604	2096	chrome.exe	80
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 3828	2096	chrome.exe	81
PID 2096 wrote to memory of 1164	2096	chrome.exe	82
PID 2096 wrote to memory of 1164	2096	chrome.exe	82
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83
PID 2096 wrote to memory of 4796	2096	chrome.exe	83

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\sample.js
1⤵
PID:1388

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb91becc40,0x7ffb91becc4c,0x7ffb91becc58
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1780,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1776 /prefetch:2
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2124 /prefetch:3
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1384,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2200 /prefetch:8
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3104,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3268 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3180,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:1156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3576,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4476 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4936,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4944 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4808,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4744 /prefetch:8
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4804,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5100 /prefetch:8
  2⤵
  PID:1036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4800,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:8
  2⤵
  PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5156,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4948 /prefetch:8
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5044,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:2
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5012,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3436,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5320 /prefetch:1
  2⤵
  PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1176,i,7654889368343713650,8247433494302484537,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:352

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2164

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
7fd4f6599a0c138ee998497af539abd3

SHA1
e7351e632625db9bde82d3e405bcd03ef420b182

SHA256
656cff73f010b6c5315639c439fd65fd3d6ae61feb6441c6ffaf03dbb87fa72d

SHA512
ed0209f0fddb5df6ac799d943d396e52e01a7c9baf999544a366fe70aa0b7bb9a149bfa0e607a6c40e78902973da0b1f6ff430e965c21e704ff1aaf5fe84cf0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8b36e6fd487d5639308935c173f0fd86

SHA1
f0908bf0f90d908fd9efc87a2e5ea41d32d381d1

SHA256
0722b2bffe5a8d228d747de9dca6d0d4053fc6bb7ecdcfa85ff24df868e20990

SHA512
3d44177406e7a458a75caae0475fed11252d1a08c10a2140dea7a1dfe3cfe71650d58327ae7351fadee46c63c2e40438022093758251a3f00206c5285687c3e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3119aca041086848f5a97a5791af4a2a

SHA1
deada92f931c494d0e0cf02df457fc9bc68e907d

SHA256
a2422c02b1f160f6c4860ac25cf6b1d4045c9d98722c62351c158bb5cff0bd04

SHA512
c98d261cdbfa607a980f6385c3e75aa85e36e28cce7735155be54a8336a6fed950c481c95493819f600463e7c853843c9892df8dd2ec4c5f709b255346c9f4df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
6f52151e6fde1b11362c1bc1b616ef3a

SHA1
22ce8b64b6b991d45a563988c3e97bdaed729242

SHA256
341de88cf85df4eb29152c5963cfc863e79829a9878e0e5770795b37d781b21e

SHA512
cbdbd3bc074993e2bdb041164768dcdd4b2329ad608ad9d411c4460ea4f59cda4505ed3c6bb78f3994b8ea33c9dedacce2f80353169b3a0d45c785c1d98e57c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
f97de09911f7ab97b90f704ca5afab87

SHA1
803db939512b6bb200428e4df093c31ad125d35e

SHA256
1cabed5fbd834b8acdc6402f4c9fe2e9c2cc3cb2aeaa95436817ea61c8b83477

SHA512
de65b61515bb73cb011620048df55ce45210d4841a487059aeaa4828ccadb055b1eba1ddbc24a73f5ebca7dea6e2cb7de8d08dbba4182760c879cef6371d776b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
28788b2d4979a4428d2f5e5f4a296d53

SHA1
e8ed838f593daff830eee0e34b0118eeebed12d4

SHA256
9eac54889ccad126f8c07997beef57901868c7bd01e363639d8938597d3c6203

SHA512
d5b6295595875057d66e992f8c7a00ca9bf3ad616a0d918d8a81cb7c28890c211b3bc4e38ac5813a7e35adbed6ca8eb1a7394ed8db87c5530ada117a4df52f68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
a6a1539fa2d80fc5486b271199ecdaac

SHA1
6084516774644adaddf9fac8649a35f861c66a00

SHA256
17d1b43ea88b9a7c6ff318f380274af33779f49d5956794c20f88d6c004e5ac9

SHA512
8c5d89ed965480d7750492c66064e3c95c8cc8ecddedac4621a70d69f746963bf2800a5f68cf53d24a3b920b0a62895a3f35b2116016d21c069c2d36f20eb0f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
2a79eaf26db75dc5040e5a4a304de3a5

SHA1
deead1fb223d3f1267f4b30c855a40566b77f496

SHA256
a098b858c1c2b9cd0b04f2957d5b9d008e1cf170588ac304f3b58d5b1b0f2160

SHA512
95b3757b117ed6ac3c7a46fc38f5b486a49cb6a0c99fe46c47a7b9a1c0f1f0652da2bc3997a20755d477916ee78a8392e1a5b9e015f02321269ca54c94a08652

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ea7064706afda3c5c44654fb364515cd

SHA1
eb54831513bb5a845f82a1b9c5fa5a80b77d57b0

SHA256
ecdf5c94d9f4abc11f05116060db7aa738b23c99a310de3a031be67d8abbd9b8

SHA512
880a6b4271704d557616fbf72a9d8aa85881e37c7aac853a8e5bc3702d0d7ae4546ce0fdfd8ffd7c449804fae5cf6771daff5b7030d2e91832be662db60a7030

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3ead237f8b60ec0577b3ac198d7564db

SHA1
102d399ca5178c37370a8ad1d346b4b396245b30

SHA256
5336dee3f45a95330ee9a4aa665917f1bc606056246d7b959bbb26f7f073a8fe

SHA512
781e7763cbcb37c3af3dda103ca8aaa4b19bc3053467be11131838f6ae334c0849451958b09970ea99e919c75ac1b9347f9bac7f5ce8895c1f46f54ac8b3fc92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9e4f34fd7da447a92533c92ea7c49752

SHA1
ea2c45a68c51158f4cf1d8a2c61629196e39e8c9

SHA256
460bee30c6cd862bac7fb8323f7c0b97b6ed2d102f9d71462fd730063df62d9f

SHA512
adf69e093e8b1b1a67f0e2013682e660e530370896622acaee3c20a87e7dcadacc89bbb64fd3794adff6b65e0dd19a00045bdf80fc87ff368cc8af87e5f59101

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
22be921754430e050c4e0ddc2153cf06

SHA1
ead5ba5886249e8d7d0add86d85c37fd6fc57765

SHA256
99e6a9674ed2fb55b73431f846bf0c8114a7808764070d9f9c4f3c605e1d907b

SHA512
4a74e9768a3d33d5c9133fc5eb4ddfe2ea3d2e60df45162736fbed751b5552f46e3d8578ec8a8bd6311a7f4d5e1ec26130638d94b802cf29cf2d3fdd685b3707

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
7b7914301c6865d4c5b4e7379a2c162e

SHA1
b21693e5c9b30d38addf24998a34f5fed13e026e

SHA256
485861ada83d612cceb73e7f9e2984c696b27646f9e204a6fe2288049f6ff327

SHA512
0934080d2418461f937de79a2c3886f6481470594cd7e0a7acc8da9f4af1a6fc0e8f7fdfbb7cf8dd4471fdf3d5f23c4ea8e3e393f426d42cd5fcc7d5565b8a0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c92c84607751f0e419a071f678a145fd

SHA1
9fc455eeba296043dd1b2d1912304cee1bec247d

SHA256
72fbf9d57bfb0f3bf5e188840e6dbfaa808db624f13378aab62b5ef4d3a4b9ec

SHA512
6d4559b43757cc45df5db36b591922a925faab62f4dc262eb792c9012997ab34d37ab61fd37dd8d425153b98c1b3e885ebf9b925a71836027adb495fb95b49f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5c70493282c38398933941fe343a726d

SHA1
7bb662531066ac690e18e581895725e7aa2d1977

SHA256
bc8da175441ce01e55fdb4cb8b95c6c26d996785e225da00002457e84e1027bb

SHA512
83b18dc1fb419d8f1e12d49e26d4dbe6f41dab18de3ac008a15131b1290084c54eee13c54337a0c436818fe05ce2a2868e4b626a28372c095063d9a9494371be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
25ed642ef4f6488649ccf0e11d305cc2

SHA1
ed71821db0e1d62f153dceb756c7d168070297bd

SHA256
4b768ba72cec5a4ccfc5988f3c024487914372dd50bf666503701f9d397d6f03

SHA512
539e669a3424a0b2147cbb2e76980789e651663fbf5ff9618063861ff861476b82ad29aba5336b1bbc6d2c49f488d166789e48bb57505638359cd5528e971ed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f7b02e7576e88750d68add4d2eeafb68

SHA1
31a3a0e748574365e565efcbab3d412dfd5a835c

SHA256
6bf076445c2b4a428a89245b72486124c250a9b54c4deee21d2aa15f6bd6fbea

SHA512
92f0091cc0298f69a3e1cb5b49c90d5293df726f0ce513d45e89f17caf73d51fbc655c72d33c30a8e2c264032763d193238a4c6e1acd23ff9d9c22f5fb3881ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
610869afb88568e1fde32c889076afc9

SHA1
c01c279615f6392981f1c0c4ee2e44ba5cf03007

SHA256
4483928ec6b34a1d5d669d9397dd1a70748f9677b0e7cf7d46da645ec3b60905

SHA512
e6db2592c3e23b740e99e9346733dce4d636df99acb2ba355353e7a3ed977e143ccf2b266f8762b8466adfeb5bc25a024cc7b63b0cb13a9585c1c2ec0046ce6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
fe56eea335feedbbfe67bf3c33b55444

SHA1
86bb58f79cd54bc5459f24da3b076c674371a5c6

SHA256
4fc94a58e1b674bea226dd7f0fc5dcc3d2aef6607d67f870af18fd385dd48a90

SHA512
373d20fa7ed1c09b04298fbed0983f8ad3a063f9f2f423730af0111653b73149e0977d5ad289d09b67457c46f24813b466cd5774400e76ad25abbabfd82a70c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
4be1fb08ee6eec19a1a87b8ac3a68212

SHA1
4874f8ac56cea9274022f6a10f85e6c623a58441

SHA256
451e05d402d28d35f2c5263f19d5ec2eb6c92de1b7c33c1d2a3fbbdc6769bfc8

SHA512
6cb5ac8ce39d0fb7fb632f389e3daa69263ebb9c2241e3e463c8815135fed1c112cdd6a354d3cd11c6a66183194901d3e53bc886ce348d29e71a6b932672bf3c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2096_1088004487\1b8b5715-3ce3-4b76-8561-608b109977fd.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2096_1088004487\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit