4fbb374c45732c88522bd3439e9415bf568c683236ede336b4e61d161155ba12

Analysis

max time kernel
91s
max time network
146s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
17-01-2025 15:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

KayKit_Medieval_Hexagon_Pack_1.0_FREE/Discord Server.url
Size

119B
MD5

50610cd085658c8cb5538b0a3f64e299
SHA1

04eae871705a2177565694be362a8a40275ebc04
SHA256

5c0e260497a7d7edb8c0c58d9669268d03cbf8886e241c68c51712e139c45776
SHA512

d63d872e9128e483396fbb6ec2e36a20811fa5bce3f5d03f819d2f36e53c024f1e1cc86f43edf37f67b56f6f3418f73bff23cc71427242598a9147f706f24bd2

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe
Token: SeShutdownPrivilege	2688	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
2688	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe
1240	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2688 wrote to memory of 2260	2688	chrome.exe	31
PID 2688 wrote to memory of 2260	2688	chrome.exe	31
PID 2688 wrote to memory of 2260	2688	chrome.exe	31
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2756	2688	chrome.exe	33
PID 2688 wrote to memory of 2740	2688	chrome.exe	34
PID 2688 wrote to memory of 2740	2688	chrome.exe	34
PID 2688 wrote to memory of 2740	2688	chrome.exe	34
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35
PID 2688 wrote to memory of 2208	2688	chrome.exe	35

C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL "C:\Users\Admin\AppData\Local\Temp\KayKit_Medieval_Hexagon_Pack_1.0_FREE\Discord Server.url"
1⤵
PID:1732

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6e29758,0x7fef6e29768,0x7fef6e29778
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:2
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:8
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1616 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:8
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2260 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:1
  2⤵
  PID:2916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2272 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1472 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:2
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1464 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3600 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:8
  2⤵
  PID:1156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3624 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:1
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3676 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:8
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3244 --field-trial-handle=1380,i,17414730246525203101,9014438787329699475,131072 /prefetch:1
  2⤵
  PID:808

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2800

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6e29758,0x7fef6e29768,0x7fef6e29778
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1192 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:2
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:8
  2⤵
  PID:1316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:8
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2140 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2152 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1392 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:2
  2⤵
  PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1340 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3736 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3728 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2292 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2228 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2164 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3420 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3504 --field-trial-handle=1224,i,8326318667760822077,5489009729140807705,131072 /prefetch:1
  2⤵
  PID:1664

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2792

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\7f8ab8b3-521b-4dc1-8c0b-85af07d201b1.tmp

Filesize
343KB

MD5
0bc33bed55f9fb8d48097d4127601e0d

SHA1
d4136482e611507961f8ddfc3296d48efdccba58

SHA256
f5623f9ffe567d986b604ce70aba1254373a1d9d795759d7dca1d12b27294805

SHA512
f762029613f26e815b4d669e028abaaf463f689218165e2f908b09e5895e3a664938ad951b178afc3c4b30a75ab807897068f8433bd79152c058b49ecd973cf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
44691fdf709576c5467bd86b9d95cecb

SHA1
9c0e49c662f20cdd89217f1bb4b4ba701e659697

SHA256
bbeef7deae86cbdb634c26982101647e319bb03dce941d124f0ab0edc8a76de9

SHA512
e52fb7f7091ed7a21944c629081fa5069f47fc076911101e20fdcc183c35b7b460fbbfac56f1f91052b1d35a35e66ce2dafce70349ed34ca6f16ba1e1f1fabdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\6b654e1b-e472-4bda-a250-b8eede3ea1a7.tmp

Filesize
6KB

MD5
879cfe7682c77e6370b648bad819fc0a

SHA1
b724a855e1790ddc52cd866144ab9bc41f026f9c

SHA256
456c0b4a99c1cf35123363ce4e152b8278edb973afad2a6e3a1ad8f91c8df51f

SHA512
787596ed11db951d09504f3917c612663e0b1182a119d108cb2d3b3959a5a0b1fc1f727d25d3bbf88022c9b5d82fb7ba7dd37fbfa0e92724d64c8955521f8d41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8a08dbc1-ef10-4800-a856-5b849de49a72.tmp

Filesize
6KB

MD5
5c189ad9133202d42d127b3653a687dd

SHA1
04ba8a7a613fe3d6684719bb73e4f0a3962d18b1

SHA256
b50f009daac2b94eaf8286f7c9f1b92da2f43daeecf7fe16534dd57e2ac5fb32

SHA512
da55da400c4c3e37a129ec55c46c77b270b1f5afe2484c3f8f8048a3ae0b1da074bb64d7a9bf32b2fceeb165542c2c44fad9d17954d7209a43e77437399cbe98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
770f627423360480c2d0b697aa87559a

SHA1
5101d73433b60e8728d173694554e41c2b711190

SHA256
961b4b4dea58c3d36c3e7abe0b4d07f918b7a65377e4f9921841949f38d703fb

SHA512
1e723e77739018cb037108fb9fca33db926504cd6223a744cf20d96f2464dd2b43f50417f9879689f37855b9456de865398b3144a96dd8e5baedf5a965fcb568

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
7fc48b01dc1346f7f91630900b5bf658

SHA1
e81ea1e7dced23cdb97d0b7eb69c109e2095adc6

SHA256
5abca32e9d99eb06360596a6dcd0c072883f3800786aac190a639d5d7ff29301

SHA512
8b25522f8c37c0e3ae340260099e8b16aa415b553ec58c4529355a83de7962bce85afc8dae6ac55a2151f2ef44a6f6783247f7c9aea888fea3de247591dae826

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
3617f2a68cf94aee9a466f43b64354d2

SHA1
2705a2e2f3a6afa4880eb91025c68b66771025ac

SHA256
7f1ef58b1fbdab5d17c97a25ab1277e554f822ecd188c6e2c9d9cf73c46ce5cf

SHA512
e76e5607d4c313d1bc57d436eb2fc145047f3d84c71eb38df8c2fdcd531886641f046cf7e5b72b9f8c992b1d788bf971afbba900af130a290766d225645d1f92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
ce23c5dd10094524cbcfd32858ba1731

SHA1
b1c524133d4ed5f3d501ecb7c3e858d1ed56ffb8

SHA256
f870c6f53213952ecdf55e9c5ebbba2a1b68fdeea498f17c73301d7d71fd2418

SHA512
9f3791c1111907a10d2373bd979ec0430bc84fc85e4a8f9e95dc3d8c5e3d97f474b0a7f0729bc6c5572cf24ecae3f48955a58597de70edacda8faf6ae54f8b48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
22KB

MD5
cd9956d2b6201b91899207bb167832a7

SHA1
d446c9a6b7eddfb458390d760ef9bddc9b251139

SHA256
e357f17301202634bf112fbecde34147ccd4e49fb8e973831195a718cfacf770

SHA512
170ca2ec9fe8bd68ab005fb965092e20899d4b2a3becd84767e3dc49036a2e3af571c4a7fe3840d2a074b9960d2e9d0b55e26e87523fa297efca093718a6fd85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
23KB

MD5
02ace8c9d46dc9bbb939e071c91e93af

SHA1
883a9db4b0e196f59758a2d136204ec7ea5b2322

SHA256
c31d6f02f5896ddb35f0eb3d19387ed782738cc2966246f2dbb121a033fbbade

SHA512
692d00d5f3a79a13bea3d938e564fa55303979a78565937b932765eb7afd621a8fb125528da39fd8a214dac7d7ffc3571e0932c9985d2201117d46cd09e2ef54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
22KB

MD5
fafd090a0b63d928fbe8b3ce4e9260aa

SHA1
172120d138fb4c6afae97bfc0bae13d424fb7c16

SHA256
c0ff9308b0e13a3e743f56ae84abf5a054fb964fb3f36e52729d78f71ecbeb67

SHA512
4840a5455dbc8394a7d47f935aba64e5c23ee7157e9a00848a2a8bad1c604c280e4a56f9445c3c63bc0e778066dd3acff31b973521ca5384c487ea27f89ae71b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
28KB

MD5
f24c6ed9488a9b460cd598edafd89144

SHA1
f8c8d2ef4b09baee2f66917bf5bae3abbffc7c05

SHA256
dc8bf81ae6bf302018e167f412d4440956d65e1f993810b9a017c9efec4dd069

SHA512
53c57ce41a8534f985a4875cbe6122d96a450f58a9f849f05b86a44a29c64dbedd4691b8f46bf0553f7fc38bd487f7ede444b461b7b4a44ca37f4c2a81429925

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
23KB

MD5
f9e969a5ff052424471f3b3c656fd229

SHA1
516b9c1e8bdad02de157b04e194f8e0ebefd14b3

SHA256
0b6875ff3955b3f51370572fb12e0f30fb0581700d2897a107168069c36cd70f

SHA512
be950779d942725821775586979c28f5cd24b8490ca6a30c62ede38a616c1b4d0bf009f919ae432b833a34b63880017c8ec09663f9cfd24ba1f63f7d91d178b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
42KB

MD5
9f99d451beaef738a001906081c09598

SHA1
07bc95a20276c5b9ed3eb3e9555bf7ae8a551aa8

SHA256
d8d86c330a68d0fa63ce959e8541879ba61890638cfab399021dd183b7eca641

SHA512
8412b93b0888840a3791cf6f88faa2ad333c61ecc74699ba5a81a45a1175a6bfefe1c295a166bd1cc90189b00a16c5dfcbc7673d21255cfafb18ccab242bb566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
04ee72d3387faf29c74f84a3fd74fc20

SHA1
04cda131461a4b64a3590d485a33a2d08195f098

SHA256
50fdec5db6c958601b3fcd3e0d05e8d31590c2413cae6f7180321b4196748bf5

SHA512
94626b81eb8452fc575f943cff84c2478320194c4cc1e352d61954e48366196425d3ae54da931ec8ad3d2f3b9d005e7e518201778192da7c7a5cd295cb96f1fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
faef9c3b63f04470b46dd5c53794604b

SHA1
0be362eecbfe7253c93ab3180303a06fcb36c4d7

SHA256
4e33167fd7fc011d62d31ef678867bc876cb635c29389e26e357d5e16c0a4613

SHA512
2b9b44c68d790197ae9d2387cb7904fe9eb2dbf0908d91935d542302ae5ef1ee839e6462da1aa5406b8e78c5364a104bde315a821ae3b1ae329eb40bed96c6a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

Filesize
136B

MD5
3294680752b24f3e5b216841fded2419

SHA1
178a0528cf7a49dfd9522fa61d68089806577e52

SHA256
050d5055badf0e56907741b4bb187c1548a713eb364921855439ad967bb8d87d

SHA512
36de4aac525b226e1bc2f4c5e94456e0024994c13bf9a8edf931e6d72ec2d84bdf84caa6d4cc3007bf74bdc1369e01d93fa258fc1395aa941a18954e35645c76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007

Filesize
50B

MD5
1be22f40a06c4e7348f4e7eaf40634a9

SHA1
8205ec74cd32ef63b1cc274181a74b95eedf86df

SHA256
45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691

SHA512
b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
24KB

MD5
6d749507d9244b9761426ef304f8cb69

SHA1
2d624f3b3c234f9324615af460214b4044d68929

SHA256
4f3a5a51087fa8ee99ffbd226a74e48a02c8328f48a9e1dd69972e06e962d2da

SHA512
4823e1b5bca962f4c115b0f7c870f49dbbd3352665cb89a87e19204c41c972bdc50cc4fff41aa8eea5a0d3646310b55c548b89e249b2c5065b1d4e5c1fddaf35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
7370dbeeffe79b8ea02b7e6198daccb1

SHA1
aa903ea4c5d776ef05afcba8902f23037611df1b

SHA256
ecbf548f2ed59b58012d89fd20dad17c455b9a747cbc16dab6a668e18ba52f7c

SHA512
7319bb1cf8b9e24451a95128a7620c4690f17b7db0921afae659264778394aea8701089ee96ca23a558a001aadfde0d9283d4986bdb3ddf807c3940a9511d8b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
f574c51bfacd9dd2da08b4efaab3906b

SHA1
55b9abf41f213d99920f26091ec6da21f57f2d63

SHA256
3772230724f0d07caac6820acd41999fab9f2c64cf18925206101506820f27b5

SHA512
64360b2082ab47a5af1a6f97137852fe9b8510a45b5be533ade4bfef0279918065eb956f941d62cd5170eddcd6a2ee82ea26e4158ce8fd61784d2120ee537ae6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
6af814d9bb1e0a1eed520a94ab82fe14

SHA1
b664952bbaaab50ec72314d7deab972a77dd56f9

SHA256
a5b174dfe173a259468a7f5b428451bac1aa811cbd058705e06ae788459d4dae

SHA512
2537734c939dfa7e870368100cf98f933ca79963d4bc54ecba0a372e3fefe29418b3274db0a4c2a0ab19f2598b69968e157a37ef89317b0eb8f981d738c2c11f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
991B

MD5
1388ec87aaff736e6e7327ad6575e94a

SHA1
8ad4f93b7ed36f4c6f0fd1cb72cf867f5a6477b4

SHA256
a0f1bc58758375dbe52ada71233b631993ea2ddd169940c2f75a713a5dfe5670

SHA512
e0d351fa6f404d463333320ccf999eece04103fa9a7bfed1a337bfef0e72790febda1ff22ad0edd9369b9c0163fd587e6bfd9552cab91e46b76ddaae76820ba1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
849B

MD5
bbe8e79b61e09bb13e7fa1ec4683dde8

SHA1
0742b7347485f23b9fbde36bcc6844a7834846ab

SHA256
7dfd3bad54d419dd06ea83368cd98d5da35be5a42d8fa167cbabab11117fd14b

SHA512
bd84dafb6c543608b80b539e83a58c9d2a7509aef3893dc06d5285b38e7d0beceac9bce0ad0ab82f845055f03c708ffad4659e88c0ecae15b9b233d3ca3b02c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
3eb9419c01d88de9a7c6311752c5302a

SHA1
d4e428688fd9095c70045f28635185d12b294489

SHA256
6d0b8690a5b885c9f0c82b4ba6f1fbe01c7f1fe7107c2fe977c2979c173f3c86

SHA512
8af12d68d341e96985f145467ea54cd8dd342358e405f76a0eb1c8611ea5e9f9b75d8aa3070fdf786d9317b57371d2caafa2f0ddc88c6e037d67fb63a8f07f54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
849B

MD5
25a08f9988cb8627c64df100aefc0b8a

SHA1
f49e17af23fa3cebeec76da0f0caa9bd1f405e4f

SHA256
1acf96faa02b3775cb5f4c94abc1fc339fffe7ab3de8a1cdc55c795e059e65e8

SHA512
17254d4b351b376aee89ea1f47acc998ff485d98db1c652c1d7ae7edea50a936a26f8782962d37ec742f5ef6d2d0b47de8b5ac0805bf1534d45ad9e12179d526

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
855B

MD5
0a3245ed031ab7a872466677d5e71e04

SHA1
5987f14099e2b94e885db425493c3f7c5423b6fe

SHA256
6a915eed3e9ae5847c844ab0b18f0f4fd82d5fa345d4b7d83de7d9eefd472eca

SHA512
3880ee5506e0fe00458e2f8aa892083b05ac61631152f1d838b42e4cd9ca480a4addc2dfd734ba48e42468c3e32296cc7f31c6c82fd3158e591dbfdf271016d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
92998be012502b88b1c4ee7d1b3d7a58

SHA1
575a0a5f506c066194b1c7a857f668306c6e09d9

SHA256
a5b11c6fd235269b68282a0afb0e811f52ba91568319d0ded70781584142318d

SHA512
708038e218df557a3f7b4dbb7f302c1910d4804917cb3cc98319e94c9c317a422ed56a9e6ac686c04aef191b7fbdd97c612e831dc7f7dd1179def8bdee46b887

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d702936fd4cb3903ef33a7a01724e6ab

SHA1
6a2506e1e7f47117add7fd3fca3a92a5cd72d6ae

SHA256
ce7b24cbdd519d138969a9b6bcfbcd9ef9aa42d3ecf9c869e0f61030a58423d3

SHA512
9b0094d248f24d695a351c23c6df1b9d4dc657f0872ac822eaa7f230a38db2c58588f2097018d90fccfec4389226ad759921ce7f6bdb7aad43110263664a0e43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
bafe88a59014925827d75284b561cf7c

SHA1
aae8268338359621cd45961ebbd0f254880acfb9

SHA256
38f101a7d6532ad47ec9eb61a2053dbfe5030c16e6e5704b0f68cd12b30588ce

SHA512
24db429ec1beb4ab7b3fedf5f8b5980ecf90d63e1031a3f80dc945c346460ca08ed289163f32b623b95076ee347cfb560a0a29686d8d112ebae4a75eff1b948d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a75eb3ed8c7300b18a023930b7ff90bc

SHA1
e0eb00963f793e59b8f6a60c8cc20634be346a9d

SHA256
01d52ac2203173328d63c8ee5200cf20323ac89a58bcdaef43b844474b576f84

SHA512
f337e6eb66a5819e2d02f179e8cec50f8062abe160c93035f45cc540d16bd2acf7ea5f05cbe39fda7a0b484756de0b7de266122b3d64f9ca03eb3b2be71f8a84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
fea44bdbbdbd57b9491602fe5ebc7ab2

SHA1
eac8c3b2b03e203eec15e763aa76511659249eb0

SHA256
0a6da81ffcc3dc9732bf6a8399a0c4e6d63cdec0ec28dc0ffdb949aebf7f22a6

SHA512
f7eb84d27df24f0024a52ed1f7cecd9d9dcca0868d4674ab7ef0fbaf29eda288712a301f462c58f55276034168c16940043f4cc718fb6ec6b232b9eb3efcfb19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007

Filesize
90B

MD5
b6d5d86412551e2d21c97af6f00d20c3

SHA1
543302ae0c758954e222399987bb5e364be89029

SHA256
e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191

SHA512
5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13381600010864000

Filesize
2KB

MD5
5b7d665905fb73911bd7be39ef209ea4

SHA1
d45c65ba41ccbb11c38731f1a2935ed5c34659ec

SHA256
7869563617d3987f52f3a9814eb67490b744abeec9c88b341fe5c294fcad71f6

SHA512
00e195e55004ab6fa0709e59758c010fd1c0734bf3529fed494f13c41f61cc55a32ca51219d8987c2b1e978f21844fdd977789af584d2691241f8999bf8541df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log

Filesize
72B

MD5
4682d84496f130438dd2bb73a53671c8

SHA1
76a5da32dcdd1142a123d3f9bc0ce471e7cd434f

SHA256
4ad8e1d59658a9b4fb98a48764d2d039e15502f8bf0e5cc27b00f3b1f56e700d

SHA512
1bfb5db701764d6d8443af63f2e289f4018756c9cd1785a0fa0d78e64a08d2011497faecfe0cfacf21f17264c979c641492a464a29b9a08959f8546e7c1f6a8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
7e1ba6540a30180c569f964b9b671396

SHA1
d5ef046a17dcfdb0484a0a11085b2c504bcb35fd

SHA256
1819759c1873dc0e46c91b74ec6ea6b54dc50911092d5b82bdddd3bed36f46c0

SHA512
3cd30d96a0d4876215fc2fdd13d3c85445beedee48cd8b121a5b7ff0f6bfb108934a62c8203450e8002307728b5e901eb1ae05d45f4755c3be2497365a133f6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb

Filesize
1KB

MD5
21d9a3fd61cf38ef9f6c66fb0d767c1a

SHA1
f134671454df89b7e099780ab8a310b3ea7328b3

SHA256
867b4518a209d7b95472fadcbc61151eac01654cd886af5ce55c966e99b3813d

SHA512
0a6039e562784ca87ad23ca733ff994c72197a43851e82d1aa2b26a16becaea9e9032dcae984e58249d49af8da00fea72434e76c2bf944f98cf7fa3c248afc77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.log

Filesize
2KB

MD5
627fcfe7e0c744d8fec30cdd9b01f17a

SHA1
049cc09dbeb47b2187c5fb1f1094a8a6e7db1bc9

SHA256
ea0c7371f4f2f070be1dfe18ce2d8ede564e832f0aa6b7bbbd368e51c00affeb

SHA512
73279fafa0d1d1d03ffd4045cbaca50d10d398c797acd48b3cbaa218f3769e514e6cb27057a55ab93faa032a1b04f5f4708ab78108d967bc57d380b5e622f916

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
250B

MD5
5f318f90b80b5488331a3770d5df7cda

SHA1
c6ddcd8700ceca5f165c4fd4e75c31f9007f471a

SHA256
61799fbfa9018089f1b46d9a7ae43fbb5ee7c6c15b48531297ee91953a71bd0d

SHA512
31b01f5edc938e113a1f28322bda90c339e03076f64f2b756a145c60fce375877e5455c1d36f6f18f6858bf4b7e9d4c83b137d1f2ed7139d95f6dadd70f63c6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
250B

MD5
d89c771f339d7d96040098a218521028

SHA1
8293720bb676440fa860b840c1e9ffcb92cb8a27

SHA256
86e1b92b3b4f5aa4ddc6190987589c86e9bd40795082413472a5ec5bf6b2f719

SHA512
6fd5d0631c5544112af4f976e48a61201f027b6e464f11fcaf818f2e92bac501a91a2135be89552fc0c15e3c7a4e9e774fe2ec75a9742375f164f1e218584158

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
3bdabf44fb881a6bce5b97e37a68d63e

SHA1
6d1e3c67f8b1ed3a0a89166e2e7e658593923023

SHA256
bf10a7b9105d97f4e68e5828ebc259ca9b908aba59f2a6dfcdaff8a290b7cb51

SHA512
3a392a1c28163a09ba45bfbdf47027cf53a4f6a279bc58c152dbb947f77204263ca48a05044b11797c44237840ffab0173fdf16595ac25a8cb358f65f177dda1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb

Filesize
485B

MD5
2fa6f5c28a3ca98bf28ed0f521b407af

SHA1
94560e2fe33abfe368d2b75162d12d0d9454b868

SHA256
8f7659324c9763552fe6171a024464ce088ad0f6308a52f0adcb9d88a14fd097

SHA512
8108d8b7618b9b1d42a48540ae7c680db40d5e7ce16e74e6fde2a593b85d4601e5b2b201847715abf25ffc8daf0876f5a6d81f0d6dbf37fd88fa81e9832016e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
302B

MD5
fd795048d2145f3774bfc6dd875a249b

SHA1
63857028990cd6b019689912456c51588f1217f2

SHA256
62cb26f6792e2ea44ef9e855a14faca8c6b1edb7c9e222a694612d94e28d1dea

SHA512
69086da4c8c4062d6ca832b798f4f131ae3ed639e89dfaa73e8e9f8929e3edf7ae511fb01e1b2efc4f29209db1edaba3d5a0f51e43e21686b25779f6d9766ef7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
5feea836d587c7fa6dec4187239b3ed5

SHA1
6b85ccbc74a175bb2f3d2e1ddeb8120392e6a5cb

SHA256
b851e499c5f9a2fd663c7a55ba30efe6eac2e19f0215f3f53af9e146c59b9807

SHA512
1f67be4f815078fd40bfd60f53a5411b1eaafeaf78d01f1acc35fe3ff53751641710d393aff79153d9b1c7477babe8ad4d1ce3f4dfdd304c7dc5cc6e1be4a814

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
1c0c23649f958fa25b0407c289db12da

SHA1
5f6b10cd5a39fe8c30353bcf4cd4e4a60ef35574

SHA256
d5134b804a775cfb79c6166d15b5721d38ffc2da11948a6c1263595d6c2941cf

SHA512
b691e882018833a108bd286bc76c55a140d00d5a266617a3a381af1ceff01aefaef17acef29d14dec931d7051455726cde8974cd04cc07302f1c3cc452fe2f52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
318B

MD5
4a144f1de76af6d1417a5a999a852eb1

SHA1
9cae5f7224174fcf81120b93c46a3ee935eb1436

SHA256
2a4bfb2e69cae9977f401895a2c419a1eafdd1cdc5f076165d67263d27f81339

SHA512
4801032c2344c4ac7ce9ca7c089e3d0d0c25f9f218cfe37367494c80a25ae2c7ce6ddae6f150a5872e91f564aec1a8bbc1916d7fa0ba2d83cc84ba878d276019

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
fe62c64b5b3d092170445d5f5230524e

SHA1
0e27b930da78fce26933c18129430816827b66d3

SHA256
1e1a9ca70503efd8c607f9bc7131f08aba0476d75f2586dadb4da5485a5315d4

SHA512
924daccfbfb0c0464b4c5fd769e01a8f2e96fe28b635aa27ab4cd91766b05b03bbf941af14c017436107673f01bad815ce1fac2a649e745c76b3c736994b4fd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
5b59f4ae6d36c059186fb0cab5e5b5e4

SHA1
dff9ab578a48ef815f834aacb5abab8de389b525

SHA256
47bd34cf44cc8e500e042f77f6a1394a137a8f33dcb3cb00e0098330c4e01527

SHA512
a15e785cee47c8e066607b615612aec60d92468aec1e710bd9c3a9d2c9ff5d97d45cb61c3a6c3c5b1aae7ddef27bebb605e52d08586436af5680e4798ab48a65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
d5842b6fb90a67708c353f0f3a33be85

SHA1
48a9e06c9bcf2791ac6376622d6dea179689255e

SHA256
c63523f14d423eee3b43947283056d5219edd0c63318007b1b876e24ab101d03

SHA512
1a5f288211bfdceedc802fe9de9cda4596d3db06222a742600a67262671f5084feb4ac797d39a10c02854590f680d47df39cd81bd41312a0807db597beabbaec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
179KB

MD5
8e7a4cb35ce3b6321e26b008bbd4915f

SHA1
06ddeed98c95a5051e0bf223683ac6e781605565

SHA256
2fd8f049220e058a5ab787429143daa4075cb771acf6b1555531f16a72331661

SHA512
4b129ea785949674d62e911ec86888d8d2c2f5c117a49bd754639469266cb48aa4efc5eb981ac6a09da01c81cc46f52279d6832417490bee298ff3f3c4d3296d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
343KB

MD5
1874070fc94ae8873a6a2905935ae318

SHA1
c4d162c2b1260a42cc79f779378d8baacf3f296c

SHA256
547428294f4a662b62916ae5227964d825eaf91c81925781016177d9beee7e25

SHA512
305c439261ac1f41f87bff52a8d108f99e491c0b51ba64fb6cd2927fef0ef46455ee818044d766803fa9bcfb95f5334a1c1bd7e10bcc311091eee7459eaaa5c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
91be080d3ceac3b34849e2d40017b632

SHA1
e15b19c6cf1a0c6dabee4ab6dda73431915187d7

SHA256
75d4a66ec2dc7872fca89b13971aaf841b45ea73f57a29bdc4c0e249a670654c

SHA512
470355ecbe534919dab0879ba3dd6cfe4e2ef89b5f00db2cdc997382c5e6dd216a54a92c441be6b96870274eb243ab2eecee201b13afaf8ddfb00260282a9412

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\CabE64.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar1625.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit
memory/1732-0-0x0000000000420000-0x0000000000421000-memory.dmp

Filesize
4KB

Download
memory/1732-59-0x0000000000420000-0x0000000000421000-memory.dmp

Filesize
4KB

Download