7237c1f01b83342db06fae7e57e574d3566a2cea0f7af7137e12ad2dccd3ebe0

Analysis

max time kernel
380s
max time network
387s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-01-2025 21:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jre/bin/jaas_nt.dll
Size

19KB
MD5

503275e515e3f2770a62d11e386eadbf
SHA1

c7be65796aa0e490779f202c67eec5e9fbb65113
SHA256

97b5d1c8e7aaace5c86a418cb7418d3b0ba4f5e178de3cf1031029f7f36832af
SHA512

ac7c0cb626c2d821f0f4e392ee4e02c9e0093f019aa5b2947e0c7b3290a0098a3d9bb803ab44fd304ca1f1d272cfb7b775e3c75c72c7523ff7240f38440cfc3c
SSDEEP

384:45kF/QP8xkI6hgWIE0PVlyJSZ9nYPLr7+:4SqP7I6rkd4EfC7+

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
1440	winrar-x64-701.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
107	href.li
108	href.li
109	href.li
143	href.li

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4940	1548	WerFault.exe	84

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133807608081532201"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2045521122-590294423-3465680274-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
376	chrome.exe
376	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
3788	chrome.exe
5092	chrome.exe
5092	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs

pid	Process
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe
Token: SeShutdownPrivilege	376	chrome.exe
Token: SeCreatePagefilePrivilege	376	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
376	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe
5092	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1440	winrar-x64-701.exe
1440	winrar-x64-701.exe
1440	winrar-x64-701.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3168 wrote to memory of 1548	3168	rundll32.exe	84
PID 3168 wrote to memory of 1548	3168	rundll32.exe	84
PID 3168 wrote to memory of 1548	3168	rundll32.exe	84
PID 376 wrote to memory of 2380	376	chrome.exe	100
PID 376 wrote to memory of 2380	376	chrome.exe	100
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 4588	376	chrome.exe	101
PID 376 wrote to memory of 1336	376	chrome.exe	102
PID 376 wrote to memory of 1336	376	chrome.exe	102
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103
PID 376 wrote to memory of 5080	376	chrome.exe	103

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\jre\bin\jaas_nt.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3168
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\jre\bin\jaas_nt.dll,#1
  2⤵
  - System Location Discovery: System Language Discovery
  PID:1548
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1548 -s 616
    3⤵
    - Program crash
    PID:4940

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4048

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1548 -ip 1548
1⤵
PID:60

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffe6382cc40,0x7ffe6382cc4c,0x7ffe6382cc58
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1876,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1872 /prefetch:2
  2⤵
  PID:4588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2088,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2144 /prefetch:3
  2⤵
  PID:1336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1852,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2440 /prefetch:8
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3340,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3372 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3712,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4408,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4852 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5004,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  PID:4372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5024,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4960 /prefetch:8
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5032,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5232 /prefetch:8
  2⤵
  PID:1604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5028,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5076 /prefetch:8
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5100,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5240 /prefetch:8
  2⤵
  PID:2384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5312,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5528 /prefetch:2
  2⤵
  PID:2776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5088,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4040 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5600,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5320,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3460 /prefetch:8
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5472,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5964,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3460 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3328,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5932,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5628,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5252 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3384,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5360,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:4108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5560,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6020 /prefetch:1
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6156,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6176 /prefetch:1
  2⤵
  PID:1120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5924,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6276,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=3828,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:3016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=1260,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:1
  2⤵
  PID:4840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6224,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5188 /prefetch:1
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6068,i,117087333885160580,4725238688803433277,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6212 /prefetch:1
  2⤵
  PID:1676

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4888

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4528

C:\Users\Admin\Downloads\winrar-x64-701.exe
"C:\Users\Admin\Downloads\winrar-x64-701.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:1440

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\fffd292418ca4b7eb867d6556e27cdd1 /t 4624 /p 1440
1⤵
PID:4984

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffe6382cc40,0x7ffe6382cc4c,0x7ffe6382cc58
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2096,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=2092 /prefetch:2
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1944,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2296,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=2508 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=3356 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4632,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=4660 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4876,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=4872 /prefetch:8
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4872,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=4936 /prefetch:8
  2⤵
  PID:4384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5016,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=5084 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5092,i,18349739267930778667,18073783557692381887,262144 --variations-seed-version=20250107-050125.110000 --mojo-platform-channel-handle=4840 /prefetch:1
  2⤵
  PID:1656

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1068

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4364

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
1fd21a5228803360e7498b21377bd349

SHA1
c028d9a423b995bb2f9d9b56ef09e5a4f9535b38

SHA256
920270c469d0fdd572881597d30bae6f24faec32c8a1e7e689186947ac7958d3

SHA512
c2324e1b0a32c3d4abdac5ee1c2e663d1e49c24c17f0b5a5dac56cc867f67d2665f29148de2773f2e048292b189d136876b557ae9837517f612155633cbb09b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0a67a119-adf6-4ca3-92ea-83d4dd7c9e06.tmp

Filesize
10KB

MD5
9a83105deed7abce0493817e53189d53

SHA1
c19a2989cedb9e204a38336ba490771b69d7831a

SHA256
f6983d6100b24f307ec7dfb1d7cd02c11fe05a9510bb78c0ae5c9499901b11c9

SHA512
f9afd7012060324571607643cbd033f1831c2a574639e2fbb61ea6b442bf5a5a044952adb21047faf2cf4591516a3aa9ad98537d7da38daca822cafd70495fc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\27a644dd-4963-41b9-8768-cf7ed54e93f8.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\32f492c5-b9cf-4a08-b2f0-bd5257af3797.tmp

Filesize
9KB

MD5
52a1d33d6aa80668bb4986164ecc3dd2

SHA1
92cc5bf4b2a6a5314da1f0fdfc89dc56045a3d81

SHA256
a90ac9bf6b434d391949bd12c397e03825026c800ce0123c268de6d68c98837e

SHA512
ae828cd926268e5c663659177b81db86ed73499728e5ddd968113aae7f9c6da989846d7d88d91678d16f19781450a2a9e00b4fec30cca9a0dbe1359c0a7aff6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
7c7070b0041625db00642225dd6928b6

SHA1
3ebbbabb39d9abaaa7e2fd201d5ca6308ca5611e

SHA256
43123128fa46284acf55bf2b0a84f6db2f36b29ada9252ea4323eeca44d05a23

SHA512
85c0c3fd5bc08adcc37f0deca08cde4393cab9348239460abd9103612a0dc0ca5d09386c88c270d9e0bdb8e41852a09f029c8b1ce271cf74d3d8833d54c92fd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
079167632304f2d711489dc30109d24a

SHA1
a8746c47192706505408ca052f786f0e3724771e

SHA256
2f2c9231367bd80b6dfe7358ffb74f414237510bcd90e55fd9ed1ad326c6a03c

SHA512
b87e84c9628099f4b0648a19d682b1b1d89bba2c22331d172180148bcd1dd9298fd4c60ea90583f99df3241b1a5a95f755ef52c2e46629bb19f7d49c86dc716e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
5d0541a5028170d255f289c3a9876a3d

SHA1
acf1f645020ed49f4475d62942274b22bab61d88

SHA256
d4c13178b8e041375de639a883df80c51f0ad9459b7529ac38eb71887cb70b58

SHA512
40bc547938cf2c78b643e06ef499ba4218d4592016676d94c0595d7b1a9a3f5f0cd10d32110a6e0d5c27f23ec50679ab150dc8227e139e6b0383524ca8cb0958

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
df0bc3ae9a2b19bf7de152c78a19bf84

SHA1
d14203afcdd2abad5f5740c4dd96d6ac6a8a7199

SHA256
4704ba6f5970e944f18324e341ef0f04a082efd35402eb8cf073824c5976ba64

SHA512
c8ff2241bb82000b79917dc0ffbfef7d72b9c1b24da75aad5556c6c1cc0a4e28cafb39a7829c3db0eb8e994dadfbef7b8960627d9a040191ea48612b22bf6479

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
c34c4765423336ec30b0ad3b95deccd9

SHA1
fa15fb09d82d29e4d137068c8f336091c84eca61

SHA256
5deeb51c0fde0a6e6b55097a9e0d6c3812af39d279eb7d0b42de135c67dde279

SHA512
4a01f862feee098da9b91074e12b6d031d828cd1a9c361eb3980a3ebfb8aa937bcc3ffeb98c36fe9c9f06a15613ca19639d5ee6485547114c8a8082d48b5aae5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
ca9e4686e278b752e1dec522d6830b1f

SHA1
1129a37b84ee4708492f51323c90804bb0dfed64

SHA256
b36086821f07e11041fc44b05d2cafe3fb756633e72b07da453c28bd4735ed26

SHA512
600e5d6e1df68423976b1dcfa99e56cb8b8f5cd008d52482fefb086546256a9822025d75f5b286996b19ee1c7cd254f476abf4de0cf8c6205d9f7d5e49b80671

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
30KB

MD5
46ffd15a8aadb74516d90a4918bf6903

SHA1
349f630c6071e93dc11fe5dc1c2cf668786a7885

SHA256
9d2033e8f656ba7a0259ae8fe77547c4be4020eabd19f5a8d8212045dbb9bb22

SHA512
5363e45cb3cf2993b3fff242d4a1cef555cbfdb4b358ac4e60c1ac636fe93bb7648dc6070312f2b9133792b213c22a9851a9137dc6d5df1b747a8d0bccfd46cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
53KB

MD5
f7015aa9a2fd423c00bc8e8097b3f5b3

SHA1
de9748d1e60a7d7c6b4a5b60eb0031e290d1f427

SHA256
d3f5ce15eec3b89f0908cf24d1339c91caf75ae061b14a32b336bb19b42a9c99

SHA512
4730ed588bce55c947cab7efda790f9dddb6e48336a532acc19845ad23dfc4129044ad7a6ca350ddaf12b1fcf4e7ff06e8ed502444ba6112c407d0723d8074cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
60KB

MD5
264d617618bf16e6a64bfa79ec0f6f68

SHA1
d4ecfdc0d4c75d406e2f8f40cb77bde5e1a57857

SHA256
d949034af2eb1cc7e67079d0a05d708fcf003c7d53158f2a3bf19d5738d92ab8

SHA512
600efd1dde7e746730a2b1ebeafc41ee1b616acd3cd41b9ecf5b353ec8682944c553762b2ab299fd0864322a97bc0218f38b75e5b699ac59c26a89a3734c485b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
31KB

MD5
ea679104e328db75c9feacc1cdd0a0d4

SHA1
230d4aaf4c8cebbe03c03e8a156a255298a001a0

SHA256
226f9cf181b4f7059b60209890db137c87b1b51234c8a80ea9b6fbb1ec7f89a3

SHA512
1abbb3ac3c9c841edb7bba3e05ae43fd217da0f9a2fd69b8281b61f721452da68350f49732736e8b12670f8c72bdfe3b0db3aa63100a5f980a54cbb5c11efa04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
48KB

MD5
1b3e5fff285c7be961cb7603e24fba3e

SHA1
11c8b7b1d5145ba13ece26bfec68a7aaf7697105

SHA256
a73c41bb2bf998e34a230223009a9d9dfc6769e2c6886cab9ecb4a03d8fbdcb7

SHA512
a7c036603129894e335d5177a63bb93ebf171bd45644ddca98283a9d791055b10b2740d32361f84d701edf3f6eba23520541502e9028029e5e597812dd1b6386

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
54KB

MD5
41d225f3e70df96a6b6de6c507d06427

SHA1
da4ef1a55d5248d9264ca9806f64454aa18e733d

SHA256
01e55a15ce3dce122fda249393bcaf32b908fa32227224cccf0d23d40006a648

SHA512
ad1eceab1daed02e20d829095f24b3276fe48c86213f71a7ed4ea741e45c0e834cb21ed3e16b894530f3e390c2dc71ba91f80b087fe6c1d14b0280e274d08027

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
156KB

MD5
b285d6afa1b7786c591cc8e92a42d9d0

SHA1
137e74cbd96adb86e104e69146c3e933d4d1c9b4

SHA256
41692c27e0271fa12a9917ae41c914eef8ccccd3feb8c70256e7b2ea01928d17

SHA512
0e0a19d89f7d2127e1dc1ed9b13dda09816b3c5047194bdcb387c5361d047bea6f7720c85b0e30e44f0febb998ece928a96c36b40a309c578ac63d2bd7da1cf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
72KB

MD5
e29090c98a60b1dd4929fdcdcc86ac70

SHA1
50b77958ff6ba31cf2622bbe7a636a847e48a6f8

SHA256
1679cf15f09f46a49b47faac6c9793d48f02ce0c849ed4a6c9e41391fdb67973

SHA512
247035ea7309b728d4eba29925ea9695f2bf808a91f4de739d44b10f09b382d27c4e5ffe95fb76920f1dbb0207add2020857927571f970952df652ffda165652

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
407KB

MD5
bfa5e627725e2fcfdce48777ecc94b4d

SHA1
d472c46814ae02bbec73946e2454a3d6c4ecb939

SHA256
e8d5a0c45654a35b85dbec8623010c0abf721c93520752d552de7f85ac8cccff

SHA512
9ad8eb0a13de77dca9027d2e9b2ead13a32a36961dd08c1d74139b580ae1d546efbffb404ded12cb866a13d57e12cf20e08fe060794eb7689ca6fd5b0deb512e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
90KB

MD5
89365bdf6fcd96663706f685a53b9ec4

SHA1
1cfdbca82a822cb59ca9c164042da455f199d5c2

SHA256
bff8ff9ac944e4424a43f0deeb738ab779fff967da0b1bed8c4f899c8fb6227b

SHA512
c4dafc6a5766a2fec4cdca4bc0bafc22319ca50351733b0a5ddaa5b43e81846421354a0a3c019c6ccd1f52edec945faca9a57c5fd345208b7b3c58b6b4686d49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
111KB

MD5
39753ad89c47dcd00a497d0fc5246478

SHA1
c024226489e157acc134c7250737652818663abf

SHA256
40f9f797def69fb273779e2c633f8d7399a9346f1dcff955c6b318e831ad02c6

SHA512
d5cf8770776dff343eb22871f709731779527330c2622381ab3ff44956af4337ce0bb9436ed51dc8654f8bb84a5710713b91dc0f2858bc4f9936af4b9988e2bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
18KB

MD5
617286aab6691ac3526d63fa91c1c551

SHA1
c4cf246a9b06daab99a1d44783be3fe819c07afb

SHA256
9380b9986abd9f0cec4fe55cd166ce3b03ca094b467589f73bbfe9b48b96b6d6

SHA512
b255186460feea852af5c1349a9e8c5688bf755701cbe8397c1e7f5d9b6554b614387f63cadac1c114c7746f8bfa932cdfbce1e770686d190716a6cdd07b0214

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
84KB

MD5
68d210a2282e2fb4d91145bf6e89a3a0

SHA1
d64c447d050b7499b2deab02806c92096fd91fdd

SHA256
a2a9eef759d33ed5a4d70ebf44a12987f754b16636136f713024a78631722e20

SHA512
a6fcb35f79ae6b049f56097cd6c9d51719fdd62d137c32aeef1ef92343f60c1a6a9e25d296319e04170d0ec01b150c9297e3c2a1ee67bd4cfa29d1fbeeaea2e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
216B

MD5
3af6b6e55d6efee3e58c6ac4af0fbea6

SHA1
d47bd5363176f658e2bb2ae641a2e5e72443be31

SHA256
74b0aabeb322955a21dba76dfad7a7da6774d653735f55105f308ecc00ea31a5

SHA512
320eae8b083fd6030933e3608d2682ed196740791ff6ee22f9782fcc63bc075cdf199411971103413a4832548809bd9c8f65343bcfcf0ca3c6632721762de4f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
07e666e9ef8871f6248e43690038c497

SHA1
798470938beb27c678aacd75a42f4625072577e1

SHA256
b15fde7a22f0f0db3d48b88b1ab4b5a27dddfa7b2adc44ac7c10d1a873f97d8b

SHA512
726847b8e6306ad0469f85ce0bb2e7335768d0970c326549cb016eaba83965e1d4391e3043a223c277217bc3cd2a06159827758e15cebe68faba901fdbb325f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
e031009f8e761e525c524b91dce2b1b6

SHA1
0ff9fe3d646f44cdf43bf9c1f3bd328bfd77453d

SHA256
4cf3f7ea2e5989c364cd7cef34a45551baa6134f168f25b3bf085ca2d43623ec

SHA512
18e985eda8a4826e0efc465fd7e87f467c83ea16a9f7ea5da0795833119f2b9a148baab97f6d059236eafe4d525a930de72e0dd37919d3bbe093d12ab35437de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
3dd5a25e555bb8b9953aeb2952a3ab17

SHA1
79f6942ae1fe97698c3ec3e3ba3c2224175e3068

SHA256
390f9eba7b74c913f122a2de145b90e6439437924a6f62697400d3f9347a3805

SHA512
a8d6161796899136b56e1d7d9d76dc5694e2dbc51cd34e3d9ea640d47daf2bc050a5fffc64b39db907305e4ef9c92cdfd88cab619a6eef696330231f8b1722f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
c1f9da3cc358b00f411678ed8a29a24c

SHA1
b4965287593e8d2317f17005db0ec6460836ab12

SHA256
a23a68450027515f45cda46ace1ab734216a556c0a37197a5ef78879c0db2fd4

SHA512
fc2c225b65608889651def3c82ce4f8a600a63209a57368f1326af8a36c5264908d0a25b9e93cdea393e3adb477a28c00b0471794534624d61da33db67580723

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c15ddc92952364481212910a8a8c4894

SHA1
663cbc1b876b94ae9028b34980007a31ba353345

SHA256
6b44b622c9d8f3435e79ec77a059a9977e7d9e1aa4ac0bb10119d6583ee5a86f

SHA512
258df656bc1daeb6bbe755f518244df702828415ccbb5fad89672d5de05a7d598c2248f61dd249b1bf7f77e0bf6c75d562ad8a8ce1f8ebac04287cb5db09b1b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
77bbb9e0bb2173f27a0aece3cd3a74ee

SHA1
b99689bb0ab84534289b278cf403359863035e06

SHA256
bec7226a2cb42b0865d180ce1581d2436b3962a9f0f0b2fb1c1bbe46d6c7df6c

SHA512
e01f17817d9d9b3434d9c209ce1e460376495cec4b54c4429dad585b9488c7f215d0823f3409d0db7270f0c6e81ca45ec884ac4720aa26a62f14aaab09bf34bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
883e1a905fc09fded7a35f9070ee86ca

SHA1
c90d4f49c56643f368e9fea46328bb5a924c0cf1

SHA256
78c88a13154bb72bb21a26d01e25dc5b67d2064df32de3c9b78933c7097bfea2

SHA512
935a1a01154288cbd5c5a372f92a0a2c8b327445b358b11df8c41d09882cc252ad01aa3237aa51984c1837d963df046f90f9e4bd7b9a3c73efbc12aaf69cd3a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
e932e1fdf10214c7e8c7f0bbe3333b65

SHA1
95b0b3b1250b6c525874a6880828340f701e3be3

SHA256
3ceea6a1a81aebedd1745287cfe952ab88e43bcd2afc0c3e9d9897f8f4e9b0ba

SHA512
7818d2a0646b2b27349ab1d13f69c7c5283c532d1857e0ef700fc224c5955be4867cb05e0a26c1d734475f915d593cc8344cf839c3f2795d3a1fb54fabdde42b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
6051d77efcbfb52890bf8bd8256a2dd8

SHA1
9daa03690938d5acb873d42af2ba0339ec2b1f7d

SHA256
1976a4609316119971008938c9cca39eac48ff1cb6f6a70bf41337dfc49629b3

SHA512
3a67a3157143c295105462b73f3913f9c9dd88f845ab70423922c47148273f646afd32ceb57ec1584c469d328a638e60271a4244bbe5bf1d208c31e702334a9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
b29982795973d8640f2d9a64eb9db175

SHA1
6e6916ad61d083dfa31e248ddf1f3e14a18f08e7

SHA256
d4a294c6ec3fe1a6e8969c610876c5d69881a8e0742fe5753fe0b917a77b7672

SHA512
d430638c288819d673dbd041bc0aa99607d32d5db5888140cfa745dbee73a5abf930ef893e32d35ca6558775ffa755e1847906233e22744f90ce8f5fa33c7aa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
af934b7cc9f3bb212710dadf2b156bd7

SHA1
0f948ca25bd321866f514ff25396e71790cc710d

SHA256
acadfa5c0cd3249feff89d4d70b795f5b522ff59c8ad00389ff767452558614a

SHA512
fe62a74d5cf271bb91b4e1727f1933ca643fac414b4478c5f72c6311fefabf53972d4b1003beed0da29031f58b2c78a3a43eaa6b706cdf142c2562c86c87c8b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
1cdb8297ca7702d437676775b9f4232e

SHA1
e93153d912680ddf7beab9098e78d69dfaee3d72

SHA256
aa06407f1511f67fad03f69ea11f149020acabdbd0de6c71d48c7a68936596f0

SHA512
e1a5dbdf0ee1c6485fb501f5c19bda75f2d2176b6c7e953041b472f4c4c5837c3daf40ced19d56f91810156834d03470dd0b8649695cd55c3976c4733d52d874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
c49e431ac0e404a482b46c8d865296fa

SHA1
240fee088232aea485375d08168b6494395388ac

SHA256
02c527137741d8baa2d7f25956ed05e259fb074111c87e3a500cb6273bda5d46

SHA512
0e280b468c5f52f5344789b918e19803bfd442c7f5bc5b99294f8ed09c180b0ac9a9cf8dcb92cb9ce4a61f93b178ba4da2705b9593fe9ee1c5afb18159b1fa92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
689B

MD5
b4f07dfdcf28cd45d2777c7fb92ead95

SHA1
fa71d6d7d34aab1547b0865dbb11bd6274612c36

SHA256
ab06614f7d0cb10a87e265c9c14d7cd7fba02ff16ac97f56686a51d7f3f0c84c

SHA512
78e9579692e6cbf12fd15ab0bfebaccee16958258a0e34e9785bc893ee154772fad6baf0c0fde9f2d0306c8bd127778bcfc10c83db186b6b79db6d3f5d16f2d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
689B

MD5
3243ab33d3fb75e9b9344f380c02e878

SHA1
06124b969727473c8c90f1fef4226d2cc9d9fb2c

SHA256
601cccd5ef9404267dcb523803fc7633a2fddd384cbfda988ee345f690393272

SHA512
7b79e3e5eec63363cb9e9510c026333b717bdad08a6da96ac89e823b1c51d3b6ab8f1ddfc6a12c9abc44b574e10d8f622c3dca3c9a8f1a4adfef500c179bbae9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
31b91cd4238ebad725e4a20fe5fe48f4

SHA1
e982a7c4188a441706f6afa19da1f395ca538a12

SHA256
be1ee3974665b0895b49eb7acae3afd18b1c7c364e3eff31abe486499d3b4bce

SHA512
f0f1f14a8c9a28a0821cd34ce68e7e7c4bea1deb5fd86c0d3c1336789667ba690061d58b3c91cc73f67da307bf166083eac29988030e426844f42317dd528879

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2ef3bb967e02d2f6b018b91ce2a66475

SHA1
251acfb0a3f3760ebf62cd26133756f4ff41a523

SHA256
6842a04de2a4acc1eaa162ee6a909f06206a369918d676175fe4ac4d8b44d65b

SHA512
46a983ed2c373561e3652ef94c1053a603424e3072c3c80e0d26f16ecd6f5e707982fa10c1ba3b6e6d173d829c646cc8f88d3061f7cdb7ae04146ee07a8e732c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
85f2893f653873d4e3ccc9723ca22319

SHA1
c264f6be707107fe5460d66b2f48c55c0252e998

SHA256
51e3baee785936a9258300a2cda7de17b0aef4ee17fc79d08ced6ae085300b62

SHA512
d45de53b447582727ea046ed40d9f639f1bd9e9e390f6868e6a10715c3ad5d25f436008981cd2d134b83b0a7c6b22a1b1f90540b7332f93a2742a2135d4f7142

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
0f8b1c414d9db4c4d7635df0821a2e62

SHA1
ab00620257c1e5b3d7b965351242192cdbc8cb3f

SHA256
cc502b4906dfd785d04a7347c4f7088d40b3a3eea618f29d00b96fc170f9ee28

SHA512
d691adf0ce1c35f8aca67c639f4918762cac93f64b7c0ae73e6f351a4658cf7442312e7651c946d4f8d632abbabdc6e19f419da27d067206a036eb90f731ef5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4629eb7a106e072be1786acb842e856f

SHA1
5091973cded85be4fd174443614f0a84f40f04a4

SHA256
325e58c4cffff42200049c1dbcacb1d42affb0cb50762077b2deeb8db405bed9

SHA512
c2eb90e082ffc856103e2e6109caca131f17b9a900788c6076d5fe023a9d8b8ff73653054a31a58a887cff3d9ea8d99e26d8af84df73a9a9af94bde7de728384

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ec50f0fb3c1ddcf4f524a3ebe67079d4

SHA1
9c532afb8c23925d82e183d737d4d62e1b7726d0

SHA256
d0de5238d6553465807ea7f0789f52076cd02b36cbef273a09d983fe286ca8a0

SHA512
70cb5f73d1ee1b0c179e03b11a2f0a041dc4b18b64f75ad1d56ee08e2e447adb336e95827f97abfb23448396eaaa72eb8b8bcb9cd9a808e8f98f560ffc14405b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
96e20d5d46718eb5d660f09132ef46ee

SHA1
982e654f27bef36b17f27caedacda784192c3c22

SHA256
235cc5e833b0380e96d5b892dc9f3b18b055924dabe30c62eefce2ede6d2f469

SHA512
bbd587f25d0489abe9988ac1752a83bc7c0abfe033f4c4252d5d902224e885a4a60d4b89436d22104771ae36fde1c87c7508b78fa76a5f3397da0e17e636b68f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
22ad64eeb47f94ae5d6fcf90d718db2c

SHA1
8dbcd3f3f65728ec311d72d2ab6a7a785fb04e04

SHA256
133512d10f3df28e695a9891dd37647caeb933d75b304e399f3809fe9db53e8c

SHA512
65ead959a955736b74cb67109be4ec1b1c5d7fbc92d2be9f2970e13d411c345182a12a892618707764eb1b98b34cf79cc13e602fa67413d3c0146e9f2b0e2d45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4be70a1996b2ce0051b5a8f00cd02f3b

SHA1
6c8a2fa2b9dbb3bbf18df3d47449be6ab4a1fca1

SHA256
2b54fc9e0a32e9d2ec99c0eb23b5ef945cb49f949602370c3a891616c8817297

SHA512
6a94bbf8909063a050bc7fde5ae47a1ea65e2efa6b8cd5f05f90d3d20b49f1ffc3da4bf5b624164ba6db85e41d0e45dfce37f86625f7601c4358b020df13037a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
23de625f72f980f0a23b3b06aaa8863a

SHA1
4e5327f6c45d100089dfc5f89fa22cfcc030adfb

SHA256
91d30f6cabc66036f582f6b3ee6875e74dba4c4b8cfc5999ad950e44051417da

SHA512
338bf0e6aeff1edb4c75af4e007e5b2495d9054359199494df89f42a947815aa790c600d8a74523a7814f5dd43f92e83db73668fad4f862d0ed685a14e56496e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
58374d53d365a7129799c86d9eccbb72

SHA1
881d09f579e9aa1c11b57255fdb597db01e67530

SHA256
c1303485d33fb2247ea04fe063f640adbd933ef2dff4a4a179d3b48de66a72fb

SHA512
e71eb8346d60f78ed07ab131cc9ad4208106863b9144bd98d05102c3dd47fe1edc62b15ef939f2fb391587b4485249cfb96aba265917adda4562be5078312ff2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3d60d65108a35e3894774037b6b9ec57

SHA1
6e01f4deb2328f9a7675966fa5b2a580b17957f4

SHA256
1fae6cb2497c654aa9d2953160658726f4f455d3a8a0bf9c08c7e006906f7829

SHA512
b548d76c9a0e3b88a95c126160ef210a7755674bbcac41342788ee6ffbddb569500c71d79c2a9c979fdd985494503c0a4d5e5a167e4760c25fa7444bb7b896a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7eb5b4790cb542ea04e83352e2c5c9ac

SHA1
7593d9c9d2ac7407fccdd95bc2169ae4b5bd820d

SHA256
ab7820bea3c7bd76cc348cf58cfbd88b8aa0c5374b88c337fb262529653d5028

SHA512
232b6803e58384f5dfc8dbc41b8053d9d707d51e4c4c5635bbb609ffc8390b324f4a312cc04a518e63a5822837441dbffb16433a579a9f04cc97844414a6c929

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
67063ebfac51ccddc33294e559bed207

SHA1
c6828afb9d80f8d9f6522f087afb9a896b3e7cb2

SHA256
6081ba38ca63e2e7d6c0f913d076e3eb37ac326bdae974b404739e6aa127ea72

SHA512
b1a22d4995e2cbb9c94caffb5f5c032df037afb9f4e8e66475d0a509fd197a02782f7e8c0e52011a3100c37207355d072c56015332271aa4d78a14b2a78bb2b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c6ede199ae2e7812cb8f11a419b473f8

SHA1
29938e41acf9cd8a3005d8c3626aba4d842744a6

SHA256
07840ead224bfc581dcb6c73c13d502dd72a614f869de5f4d54203f7071b4ee3

SHA512
e58924a9426438fe3f57dc8a9f2b3a34a126e63f616213899304084b9c0fe95a3f36dbf31f60f5d0e6609eea7896073af488565c632e949c5181a75a0a90c523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
960813edcd1e48cb1febd19c1286a859

SHA1
fbb767051a9c1700c3394ce261e74b1903961307

SHA256
fc11a9d7a67d33080b2b0150332d553fe514dd4eaa1684f4ec6b7de6e20f0b62

SHA512
e97be1e4908e8f3b6a153888b9d731719e2066104f5f3bbff8d2287e2a249091e75d62ee7cfeece720eacdd3c385d639bed02a229de6b18b6e6d9e5fc4a1cf17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
98c941dfa712023ce0b0e4682267eba5

SHA1
e853ab58efd73f543048d79982b8a64be7fc9f8a

SHA256
2a04d5d78e5e7072891e7b4ad18c8453de3ad3b8067d9816e1d7caa13bdb636f

SHA512
c1c34f4740e582bf5ab88c59fe13354f492e9ed64cbb88da5bf595167a842205d780a7cf3ac995b4d63a43d1ea251dafe088d6bf8046f2d8e47fe7e1a23d51d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3307408b21dcfc83d625688f0550c605

SHA1
573ec586bf0e9b7cda0d5b40327ef6b0180a0c4f

SHA256
e82a3db26caf597d63f587f6b053f1b59458649281629447bdfbe170895d86ec

SHA512
419ee1001019ea7f026ab3090f4d9d8954f1d1392eafde44328d76e900f483124ee5e7abf4ed54574118bdeef0255b320926e0463a81d2816162e0a715d45556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b1a0c72ff06a97f04295ef107f6ef98f

SHA1
d3fcf08fa340adf04e150ac10041f9b7d690d4dd

SHA256
65b041fbca1a3e78827d454b2fdc5b97e51c0e56247cfa98d4bbe9e3b1b2d9cc

SHA512
5b86e55ce2de4b7f46cb874f956bb3fb07202054ffbf01d31c7e101e5c51b0edfc6da696d4c30fc1b953949a54f8a6842fb0db466ddab715348c39ee2b74cdef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d84431b64aaca612d798c41aab25721a

SHA1
8d266f95793b25a7db71c5e8d433cae4d2c75d2b

SHA256
761381986d5ca9628d0b39356fe25ebb94adeb06f1630d80b83a4c7b1c2cb068

SHA512
f8d630e2a72ee7b1a0b241bbb984b35a30a01e0ccd7cd8d5fd24f92cb5152e54b25fe1cbdded4246a4387b13dc0cb2ae5b2ae5745443a1e3d39dd160788353e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
ced38473592ec3edba967d0c57467e5d

SHA1
73e9032c307e496c5f61caa5b3b53c28b80a9733

SHA256
569fc8b2bfd41d8a5adf37db12d132ac26e326c5b346e4f611c130dbc2051504

SHA512
d28a0db01ef30a3227b20b0edc16de73928acf8c7155651ed2630be48d536b01747fd81f194f61ab07324ac219e6128c22a8e5e5a4ca2f17945f889a0e410f78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
df5772aa56ea7a6e7175c9a70d75df51

SHA1
c9b15dd5fe6877047b012d65031d77dc55afdcc0

SHA256
352acbbe2b3491af706a46534cd52f208e67c0f7c33e299e901ba96b55c955e0

SHA512
340020f16ecad920cc817baad85d72ec9eec5c36a6baf488cf16fd4cdc4a89540d07d72dbf6233c5b764376ad7ce673b3dfd32f0ba607693aa7c99b83b8259fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
2105bca4fa4d8d5fd18fddc1b85dbaa4

SHA1
8f8553b605713e96f636859c329044426da07237

SHA256
d24f16db24c5dbd92c07fcd442a73877e9b5ad8cfcdf261dde39ade1d29f5681

SHA512
de54169643bf5fc700ceab9bad55de87e4182266d69522974a8f0cf9e82fe772c7de2a36430b14016dfec3a99ec27682246849dcdb1d20647b1e345141d19fe1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\aa16eb89-1e54-4f20-b5f2-6e0bf42b1151.tmp

Filesize
10KB

MD5
23b48d580acbb2861dc66064a935d20c

SHA1
5aa89c0379140709bf46fad486ae419c4e4c9e39

SHA256
e54c38912f525258babcd119a67add6f1b3eeecd2586b6aa2c3822ad553c2a47

SHA512
31e963bda579d7a709f5b8a76ad129d4c6deea2277c3e03ede8a52887c3a475685f1b7ea3e1b2f2e26bd35d54791ebdf349e2cc744dc5e0e62ea1c7aaf7897b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
67aaed891d433fe35b2126c1ef0204c8

SHA1
f82e59292bf184290c31bb48d7d03201c5c9c40e

SHA256
f6687511d1a857465c8a16cec8260d559ea0543288c8b69535d31863db36eeb4

SHA512
d6a6634ba1e1b317f4547dfd2dbc5e9ac63b4f2e03615218b1ef4a4fdcf1790af21f588b7990ed6a8cc4989fcbcda69b63c46b14c4222f38317976c3317df844

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
ed9201aab7e2babe32f83073fd79691e

SHA1
e3a7d04b40045b37dead4e49d56464a0ac6f1199

SHA256
716e8770ee0cb062a311c019f4d759950099ac7b5f3884bbfe57988e866aa027

SHA512
f8842bc853922e5d94162be992a621c53c54475c512766f41444176e3732774e062951f7fd0bdf1f22dea27c1af28d040099324525a8ce09f90ff0b78a84ed8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
80635b03aa39c5adeb09763bfbaf449a

SHA1
fc03e06b5f4d09bb44dcc4eabd03ad07fa48a917

SHA256
d74200c6b60af2909692120d5da8932959a7604fc861d33dc001cfd9fbe45c8e

SHA512
f543e602ccfa4a95e94da2f52a12dc7164f613ae9ac7d8f8493720a2eb34b9c52a076be4f9f9cdf11e7573db9fc14f42f7e14bc167138e8292f89376234ce8b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
e78d638cb909a73ea0077d4394cb6819

SHA1
5141d4ed85f85a8fdb94ed2029cf2f179a49b75f

SHA256
f4e42b9ffa13e0f0585107d4516645941ccce0eff2ad8be40b41f2cfd3ff8978

SHA512
d7bc9ac3b4d8f4d942d71dbc6d9bd2ee3762ee803611279d3873708028b33bbdcade96fca5be6e6a5bfc01947b89c372d7986c0b5d7d3f8efeba2f4c77aa9393

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
471e50101370448ac9f26e03701fc832

SHA1
593a889090c023cfca6739e17cce6b7b55170e45

SHA256
d27355283d18ac843d1223684831561f358916a6ebab2e0c68e50269e5e0bf4c

SHA512
83e1ec5ff576c5accf1dd942db0f9bbbf78f77011be4218536bf64ef85bb4b25bd622c4997cfcff7bc2e8d09bcf69d3c1c73c6d85e1920f9e23e4486c438b590

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
f6c5fe3e23d2c910a41320f9316261df

SHA1
d907e512559b2e95d30ad263f673730de4fdda79

SHA256
77ef22a5145d64475d059d1d2cad619ae73f791e8a2e2bd286854f380f06f943

SHA512
4091d6114f70f3b5f4d44677ba4e6083b5d78cef52374d317957cac58d9c8934bad113e9810ae78e8b8382281b0a0cf7006b92e07fcf915f1eca02333d28c111

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
0aa9ce7db5bf37e00e5b65a33a3aabdb

SHA1
5b8faec103535c9c462262995f612b4ff45cfb10

SHA256
a9c20062f92e467fc01a1b1a9ad81c472378609209ee29e5968dd288d7151340

SHA512
7b29ce15eb8028372bce1de9f04246846fa5346d57ad77e11030ae8246b4b012044437ff09c4c8b544651dbea809ea513724732b125fbab146108ff2d37f774b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
be4d95401c27249c72911893c77b3cae

SHA1
749abff62b110ba60d0ba17a7a65d925371982d1

SHA256
6463f34d4b56e6fdeef5960dc22794237f5e05a3830f77a51d7f396c36b23ec2

SHA512
2e62e48046324488123fbc9bd312794fc586505fbb0844439d2e16cc97a34b0002d85ffd59501e309ad59723b575fdac945cef674e68b5c7eab8e9229e5fc9be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
45df6b20dcef139b86e675ef2593b4a4

SHA1
8789c5d5b4f87cd5aff97fe6061b3c3ca9704e2b

SHA256
08b49555515da02c77f8e43b50abebef2817dfd41728bc4940cf6cc5ebaf3d41

SHA512
270cbb9aaceb9347492d5d51152dc9853cb59a70206e46bbcfa65d224f91ca783b45551f6dfe6982f929c461660e3c02b4d8b3c6176995124875ef60cf527fc3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
20KB

MD5
a45063592862900b7cdfedfd99c130d6

SHA1
b156b62d7300bead4c56b93ff190fc3633c476f6

SHA256
59c2424159c55e48e3604ce55c2010b5ce7c2d3b6ee4e32b100fcd07f26f7924

SHA512
737a9a6ca29aee8f45cfb634f9a6fb1d37373685b43de7644af9d6757ecb47b6f37f1b2511f1e42c1705893d2357bdb917a40530d01c9037cc9f5efa7a9865aa

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir376_1959206415\09c8871e-68ab-4927-b47c-b9e313286ac4.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir376_1959206415\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\winrar-x64-701.exe

Filesize
3.8MB

MD5
46c17c999744470b689331f41eab7df1

SHA1
b8a63127df6a87d333061c622220d6d70ed80f7c

SHA256
c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a

SHA512
4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6

Download Submit