hxxps://www[.]google[.]ca/url?31kr1u=hxxps://www[.]cruzjones[.]net&bg=SF&Qg=6M&SQ=EX&bg=8H&bg=FG&q=%2561%256d%2570/%2562%2536%2574%2533%2576%256F%252E%2564%2565%256B%2563%2568%256F%2562%2574%2569%2565%2577%252E%2563%256F%256D%252F%2572%2569%2563%2568%2561%2572%2564%252E%256C%2561%256C%256C%2540%2566%2569%2564%2565%2573%2573%2561%252E%2563%256F%256D&opdg=Y1A&dVI=ZUk&R2Q=akg

Analysis

max time kernel
98s
max time network
99s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
11-01-2025 16:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.google.ca/url?31kr1u=https://www.cruzjones.net&bg=SF&Qg=6M&SQ=EX&bg=8H&bg=FG&q=%2561%256d%2570/%2562%2536%2574%2533%2576%256F%252E%2564%2565%256B%2563%2568%256F%2562%2574%2569%2565%2577%252E%2563%256F%256D%252F%2572%2569%2563%2568%2561%2572%2564%252E%256C%2561%256C%256C%2540%2566%2569%2564%2565%2573%2573%2561%252E%2563%256F%256D&opdg=Y1A&dVI=ZUk&R2Q=akg

Score

7^/10

discovery phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: [email protected]
phishing
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133810870243552378"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe
Token: SeShutdownPrivilege	2456	chrome.exe
Token: SeCreatePagefilePrivilege	2456	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe
2456	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2456 wrote to memory of 1800	2456	chrome.exe	83
PID 2456 wrote to memory of 1800	2456	chrome.exe	83
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 4028	2456	chrome.exe	84
PID 2456 wrote to memory of 2404	2456	chrome.exe	85
PID 2456 wrote to memory of 2404	2456	chrome.exe	85
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86
PID 2456 wrote to memory of 976	2456	chrome.exe	86

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.google.ca/url?31kr1u=https://www.cruzjones.net&bg=SF&Qg=6M&SQ=EX&bg=8H&bg=FG&q=%2561%256d%2570/%2562%2536%2574%2533%2576%256F%252E%2564%2565%256B%2563%2568%256F%2562%2574%2569%2565%2577%252E%2563%256F%256D%252F%2572%2569%2563%2568%2561%2572%2564%252E%256C%2561%256C%256C%2540%2566%2569%2564%2565%2573%2573%2561%252E%2563%256F%256D&opdg=Y1A&dVI=ZUk&R2Q=akg
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc7dd9cc40,0x7ffc7dd9cc4c,0x7ffc7dd9cc58
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1984,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1976 /prefetch:2
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2032,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  PID:2404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2260 /prefetch:8
  2⤵
  PID:976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3120 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3992,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4488 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3376,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:8
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5036,i,15279820859039176401,15466991778998948022,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:1
  2⤵
  PID:2876

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4808

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3580

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
10d1b2971cfe28bd26a9d233b557560b

SHA1
a3e2fd4f8c1b5ed839513f25c91fc37f745f56df

SHA256
5c13feb1b143c11285c0f1ce98bb7d38279135b55f0f253fcfddf2a3721fdc27

SHA512
cee33a6b41235ea092d00dfc9ccf25a8e128b44f7d0ff92c5ceace153bec901082aef60e394eb1489f5802e0543c1d9fe0f097d4cdcf8eb54a16da5c65a1787b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
15cb0b9661cbba0c7494e3d3b2ca9283

SHA1
485b441bf130e6c92f5d91093d7ba439bfd7aba8

SHA256
f9b5b3ba0c175e1a989601d6a3767efdf9d267d3cd39eaf945916490bd38f8de

SHA512
eaf774b1aa1013705ebd354939cce972c112674faee5c3bcc8e416845e73cbc4bcdc64a7f01e62d2787415996ab36d5eb671b803f5184961ee9ee323a7508c14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
444029997d0f6e6ff2650948b9afe923

SHA1
bee42cd2658a7a75b517e8ef1931bfa92f3c08b6

SHA256
7c80ba1ca256d9a620396d2211963ceeb4aa5486009cfdc29ebf322b5e15f919

SHA512
3853222ab827b86e7996dfb1601b68d2b292af0692adea25f1bfb05e460aafd975942be0204c76f04f2b5aa03c4e9703a165316773a600664a1372a96634de09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a7085622546e710ac3a343364f76b6e7

SHA1
e4404c6a2aa5337d937ca0b3e3495c7b4e0656d0

SHA256
e5b2fdd361fa37a223a93db96a0d5d5b4dc62afbce0bfea26f77edaec2caaa32

SHA512
7c6e7b580cf43df4e36bfa82b517fb9853da91fcd699ca7fa9336ce026e76a69f032ded92db5873f4b37a5cd2ced5bb8d99c6a0f6b7852370d3b729ddc204f77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
520B

MD5
71bd51942f026309de0c302173bd5a68

SHA1
2f8831762837f63cd905bc9ae1054c7676f543b5

SHA256
8ffcb8c613dc9793a520e782926b182ac10f02ad569d55cea8f8cb6d563a14aa

SHA512
375acd5378b91e6666b2d5c3ab02bbee83fd40d2cec9dbf789a29abe27ad4353b498b1027e7a1a0515970ff379f0d2d316d2487e9cce537d0cb42f403f296db2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
683B

MD5
cc74fc86fb25d1993f9ca608bdf704de

SHA1
cded51b287d9445601a58424c9a6eba55734dd03

SHA256
39718f0c7275b4b9c1b948dba644be1a6aa8ed2493938e76a3fd33be763ed8d9

SHA512
72aef45b987ba946b5efd99d2c6e634693ef9a3bd5ec08e731d38ae2223603ce0221303015ec596a00a5ab80983726dfb4517512d21a69ec7b6d36712f0f601f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6cb596f2ecf8bf9c060450b6495bbeae

SHA1
2af9045b7a3823245477934e17e8b5a8c700a8f6

SHA256
6887b521fc166576548e0ed95e85423b94c8d4be6d578f9139d8b17847c7b1f1

SHA512
2796584f4b927222c43c66ee9b1222e22597ee1b9e7507bd549650c9b9a2679e80fc159f3071a0781d17981262d6083c6fc5dde6901ed4882249ee9708543af4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
370115ec36d320703436d53c91700e09

SHA1
671fd4b65280b54ced6e07b4b4875a98cf65698b

SHA256
ac84e43ec2d12937ff8b79b1e11346fb10cd872031e5850769b9b0c9a6cac7b3

SHA512
9aacbc964e47714614745acfb0ad99600e7ef10994126fdd18d210538ee0269ff25dfb114d76eae2c6b218f0ec9be89acff3155961dbcc7170c6f302b4839652

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
134e7a9812277c47bc19702cd43dd318

SHA1
c63380e563626e84125c4dda4daa11f9de7d628f

SHA256
433d09682d330351bb8323caed579c58cf8276b634b6bea0e22869affb1e2648

SHA512
9cd3e7dd44fc85349fc44a5e9830468696456933d03571800f82534219cb575524dd80d9b433a5bc1f94b52a27a98600175112527e1b3ec47aca48c6413191e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
19b37df754cbefcab26e51580d380607

SHA1
b16395dfe8371bec94a4a547819011e559afd4fa

SHA256
b654d471ed2728047ecb016980ef2da40272644b1f5bb6d5ad48b8b2e34a3444

SHA512
643fb03b0fa1a02e9242b7056e3f13f65b0369a3672da31f892d13e7d75206a3c4943847acd0fd2484fd081bfd0a07810a8f50343e287cfac4e7bc80a33d309f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b2dcc14bf751e95a30c2001f19c06929

SHA1
30e7fe2183f1f6ab8a3a57e62f16b13d44202ffd

SHA256
291467c8d24690aae97326cacc76ed619f45187568d80c69ab9e2ed4b1332445

SHA512
a6c4d80fa76daf595fee637f5031b85c33650d41b7242957bcb3ae6928cccaf9a679421e440b5d9f7a465a8dacf445e6352b7a70443a90645c54ece680d63b94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
958df376e84930a3243a6b0810e8ce20

SHA1
44d13a9ef6a62e42f6f2893fe975bc6a79baf862

SHA256
8c6d6f85bb97c766859b6e23ba6526005a38f981eded181e330f7f7e32e8e161

SHA512
9ccb6f7235aca509b3c3e8f4ff90a459214ec85464e3ecfcb1b942403c571f917849914ccc597d7ca42978039d8b9d56c64e4c642305b030ed6e84eff975cc6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
227045e21c9594e2633ffd1157471d97

SHA1
d3cb19b4c6094598207ecfaf55109341fd87c232

SHA256
f3404a461dbe697fb47f079ae938f7e01145c6bb982fa04c937cec66857ddb02

SHA512
de03b0b455ab724eec0fcecb1253e8ef19d7e6397285276a2c385dfc7c16b3da589dc426a9c6a33f56882e8478b5e4dacb4733b57111027e2a896a81ed1da959

Download Submit