0f8ddaa2bc8e8fbf2d12d88e76a80b8aa5b671c28c3e6c9271dbbe646fd3ff0e

Analysis

max time kernel
149s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
16-01-2025 02:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SaladBootstrapper/bin/vs/basic-languages/bat/bat.js
Size

2KB
MD5

4cb475399c4490eea41982dcd6d9653e
SHA1

fc97d57206ff7fa1c89ff0fc9f6e2f04a20ea185
SHA256

9bca42394fe8922fec24b768eeb8ce04692de6fad82f9052d5b7e70f5c6b0f40
SHA512

27eefe83cf38a7d784414d99b472f6fcd7e595691eb0f368254ba1f71aaf702840b62bf232c30c515a8fada234699fefeef496c0c24669cc158cb567227e4783

Score

3^/10

discovery execution

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133814666991229945"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3120	chrome.exe
3120	chrome.exe
4060	chrome.exe
4060	chrome.exe
4060	chrome.exe
4060	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe
Token: SeShutdownPrivilege	3120	chrome.exe
Token: SeCreatePagefilePrivilege	3120	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe
3120	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3120 wrote to memory of 1612	3120	chrome.exe	103
PID 3120 wrote to memory of 1612	3120	chrome.exe	103
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 720	3120	chrome.exe	104
PID 3120 wrote to memory of 340	3120	chrome.exe	105
PID 3120 wrote to memory of 340	3120	chrome.exe	105
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106
PID 3120 wrote to memory of 3876	3120	chrome.exe	106

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\SaladBootstrapper\bin\vs\basic-languages\bat\bat.js
1⤵
PID:1156

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3916

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffaf2b9cc40,0x7ffaf2b9cc4c,0x7ffaf2b9cc58
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1884 /prefetch:2
  2⤵
  PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2056,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2100 /prefetch:3
  2⤵
  PID:340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2236 /prefetch:8
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3224,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3748,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4584 /prefetch:1
  2⤵
  PID:1772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4768,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:8
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5052,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4996 /prefetch:8
  2⤵
  PID:3400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5044,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5152 /prefetch:8
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5160,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5104 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5084,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4996,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5296 /prefetch:8
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5400,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5324 /prefetch:2
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5220,i,14754015201617034313,8843103812575146272,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=860 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4060

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2352

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2948

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e01e03cf191686fee6cad8ee59409b01

SHA1
5039f3799c33ef910d126c9035775d8b5ef6642f

SHA256
04217b541b1c15a015c8d7e9880afcd139e726168c99fb5ab2ca59f6d430ec0c

SHA512
80ace90b79ef16d1d07cf82f097b56c41aa3b6266bf9570f19e753e4770aa256d60c6d8e2c0dd4d0ef89e62c939ccfa4f6959b05d85c855c9061f76320f69ba2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d2b047970e5d28b66dda551fbc20dd7e

SHA1
04fc6f9a20df2e76ac8edef773accbaa693ad718

SHA256
7ad671994ec1d83dd683c1f3b0472a1bd0465b6afd7fe7931838361c5b54e767

SHA512
050fb8f4a10b059f6973ed3267ede9df9c1c9352d4467f67abebbd6bb865b82bfd1a90cc08cf4a30f81e0ea3970dc4b5e6684b88e1f92b43048db3380896578c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
4a69837a2423ef3f699d85dc491e5277

SHA1
313d4f3c4fc8be6d79b6a096031e8119f62e998a

SHA256
14d193855a6a14bc3591a799f53a4bdd9d526d786b39b696bdf641dc3a4dace5

SHA512
8f7fe34efa2aa516e9b086be096599c6c6007722b60741c6a5ea5cd8e6e60ab7795c2e676864fc2cc5ecf90b9ab628778cb0af5b71afb2e22b34b13d34b9239c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d42c3cf1d8ddfc141b36405a61f66ab3

SHA1
496221f29990479388093d855225e8eefa5ef7e1

SHA256
b9a9ef62edea589dda47583cd90da79bf80dd6ee0b68d7264b9d6b513060f2e1

SHA512
72445a82a95b2035be7b786d4e281e4d3e1c1877b3b933a711c9c99e3245c2b39532873e0833c49a691ae25749e58cb1e76938da51ed752f3585e6f227a9908d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6bec2952501a7f450f89dcd07fb61f91

SHA1
87618b6abe073a98eb129cbdaff91b5a4ec1146d

SHA256
f9342aa3cf5c4c604b34992c7b77e359eadc7444e9fd8f3885015f68b20c3516

SHA512
0805a96decfc424852b3c5fbf6bbdb09b09b0fdc08ed05c2c88b2a14007ef0fa1fc8a1d3cc0ccda4201b9ec94fb7c0cc2979ee11747de551be58e46e38e2112a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
398627fab642225b6e91a5b4215cac9c

SHA1
2c72f9c8ddde92519310b0b063fe530cd2bc64f3

SHA256
74a1179b5efeff2a930ea65cdfd474390979b277322d0b5cd38bee04b9278240

SHA512
9d0e39b4dd9934f494db407bad940de3348fc2996a4cc3f7a0fe7d5e7806a93d903d42e07653ddc39cb0e37f59e8e54d5f1f90c6082bbab6d49986435c7519a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dc6a9e84ccde6bb5c5ff004bdc74e174

SHA1
82949fcad511033a8280957f4c9458202f980384

SHA256
89b488748e9c1be6033fc3254a0beb94a4a78508c2c83c46cac78b96dc19911e

SHA512
a9045c2df55bfff029ed73f70bc28c7664ff935a8e1a3edaf5127d0267e81d3f4b521fb821da6dd371b8f9160903bcb864b63905dca37339f1be0f5c0a127dc0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1187c78780dc3641f91d56e03e6b0843

SHA1
46256000bcd6eae863b6d02cd4fbcb22a48a06fa

SHA256
4927aebd4f20eacc13e82cde0d552ceabc2530e885837480af98c86c902d214d

SHA512
4f7ee6870e0848cd318ae62a9759a216c7075c1546b8ac5e60e00c4b7be8cb767d6e1024608b244252378b7ee9e86201457393f97e89ec6934af3bc3e7d1981d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
c4d229009aa663cd6507f219aba64f9a

SHA1
7aa0298173c2740b94c5ef0f4072fe9e8f234e1a

SHA256
cb146f798a944ceeb2c4df578263fffbc9b61ec3864d22207e3864de9a640150

SHA512
c7a4e11b5de455d37ed603c0adf73f909e6ef074665d9cfd35bf7633af32bcc326c4e5dc314658fdadc500ce672bb85de7185e61faa68d14c9920baf070476c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
2f5b919ee6ed76aee0235c24110800c9

SHA1
cfb1edae41e0b34a08b8a4bd8558f7127631e270

SHA256
770b074102c60c6ab5ccd11f2b01969807b339dab66cc804c0011719e1975c47

SHA512
ed5c7d07fa3304581ce940736352a535b437d629d1f63fb6c0a1fbf27fb03db077dbbb52e87610d9a373c95b27faf805d5dc2a3424ac9b7384c05754718dcf56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
210ec33a80b6f812322744bb9afe1722

SHA1
872d98e93e2173fc90eb26271e671f4826982b04

SHA256
96433bb790cd008097879ba2bd2c4307f2f9e0d258a2948d09e389481aa9fc47

SHA512
508dc8da4bf93c39f49492b50bb47e8b1f247bf4408e7dbdd8ccd73a09c2bdec830a3f9c95830e3c457cf4076c87a7003b5548d0053b5309e5d3cdf33703c301

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
230KB

MD5
bd11106279cea66c52bede479ae8cce8

SHA1
02b38b11fadbe141401d951942733d58a607be1c

SHA256
68bdb124f42905f899ccf4f512d85cf05a330c8ff31d0720a7ddffce2a8958aa

SHA512
da5614b524e7c2e24819f0333f56aeb7598f3162c86dc0a3aa260fa7680c3592733f79d6828af4346d54f62428d74d68a9e76308f6b5a1d42bfdde7939784426

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3120_892116525\15c5e80d-6a69-41d0-a0d3-8b09fd1dbd85.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3120_892116525\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit