hxxps://uk[.]varsitygamehub[.]com/home/tournaments

Resubmissions

20-01-2025 22:12

250120-14wy9asjhn 5

20-01-2025 20:38

250120-ze75jsxrgt 5

Analysis

max time kernel
269s
max time network
272s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
20-01-2025 20:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://uk.varsitygamehub.com/home/tournaments

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks SCSI registry key(s) 3 TTPs 4 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags	chrome.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000	chrome.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133818791582769610"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
3228	chrome.exe
3228	chrome.exe
3228	chrome.exe
3228	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe
Token: SeShutdownPrivilege	2644	chrome.exe
Token: SeCreatePagefilePrivilege	2644	chrome.exe

Suspicious use of FindShellTrayWindow 30 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of SendNotifyMessage 16 IoCs

pid	Process
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe
2644	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2644 wrote to memory of 3564	2644	chrome.exe	77
PID 2644 wrote to memory of 3564	2644	chrome.exe	77
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2756	2644	chrome.exe	78
PID 2644 wrote to memory of 2008	2644	chrome.exe	79
PID 2644 wrote to memory of 2008	2644	chrome.exe	79
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80
PID 2644 wrote to memory of 3068	2644	chrome.exe	80

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://uk.varsitygamehub.com/home/tournaments
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffeda3cc40,0x7fffeda3cc4c,0x7fffeda3cc58
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1756,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1752 /prefetch:2
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2032,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  PID:2008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2140,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2364 /prefetch:8
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4764,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4772 /prefetch:8
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4424,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4528 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4984,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5340,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5012 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5264,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4896 /prefetch:8
  2⤵
  PID:2360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3184,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3808 /prefetch:1
  2⤵
  PID:340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5220,i,2594849175614420017,8221033504094092773,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:3276

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2468

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1596

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004C4
1⤵
PID:1380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
97f99862be9c512ba22f4489446f7727

SHA1
472692188e49d73719ed87236be275d79453248a

SHA256
25146b713f19aee4f7b495b91febcb1fc9b3f386efecefab5b06578cd06de755

SHA512
6a3230a66fc2cbf9c6ad7d968f60429f84ad2bca6beea221c85a9e72e1e461240ade31743efa41360696aea79b28de690a332c5bda0e2dbedf585af08a99e255

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095

Filesize
33KB

MD5
a256e787610b39fa46c216c3d579273a

SHA1
bac8b0841eada1e923a14cff516a7c979a2ca1bd

SHA256
a1d6e522be041e25c088e204c3e39994c78e00809a9df156fb51110bc806735c

SHA512
529d808ebea6a47ab0f3c8b4341ae3dc9192a35e60dbccbb3d33875d08710a3be6b2fd55d919ca982712940c2cbc8dbfd9d02d7a2b8d07fa063f82c99a5fa806

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097

Filesize
95KB

MD5
2925781a433cdc5603d0aa5891c961cb

SHA1
e6820222d44cd784e93fd135832a921baa51e941

SHA256
b1075c22d8c9054499b78df3d4b0d0e15cf6eab24676f507da1597b0d10379c1

SHA512
b0e21d13b27cf864125352ac084d111fb21674d2136fc7adade0e2ac13b919a613fd0f94865f7ec428cb978da05d0f565f9b66481618a1942379d90e27be22f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098

Filesize
38KB

MD5
4cc574d36ad4c961885e3f1d18f78601

SHA1
9f8bbc0f714dd9a0d7f9bb5fc5f0579077cbac81

SHA256
98e9a5621331ad20b26fdcbaec37d7e99641f3e05d748891a1a1ce2f9db22bd1

SHA512
d7676aa2e7ecf48e1b9eecaca92db4799dac26ae00e9a91b7c02587529cad7dae7b98bf801b888403e5ed6940acf25a9095d4b9c11a85a5697ec2df1801e9a78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1

Filesize
716KB

MD5
424af27d9db077f84326a653cde071f7

SHA1
3f5ebf6edc4f260c67141bd75a340d4f76c38cc1

SHA256
3c21d40fc5e58e44f5f04eb9a5d5bb651ed6cdc10e3ff3fdb752dc9dd63370bb

SHA512
843230947752b9f5a4f819fc41f0cfabe73e302eca65304a1227078e731078e2ef85812fd78b445eff4f76c2fbe84d9cd4cd11e10bf7cc58945915388397cd25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d1

Filesize
368KB

MD5
c50f60f12cf0363e339f4d1dc79c91fb

SHA1
38dea069673feb6990f8a3858a0123a011b5e7fb

SHA256
2271099c3beae9c702e84612c26cd975442ba464ab09668d5ff09cec949ec96d

SHA512
e6d97e378a9e162dbce5322ef4958d584958e8c13a78f276229f98eec857611b2e2f83d4f8112a5a793adb1211a785032e69747b9aaeb029f583edd527322aa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00010b

Filesize
46KB

MD5
d8f70f8bbd864148dcbc994ba96e17a6

SHA1
0525680b02e70ccbad2bb6c2730fa1540b8095c5

SHA256
cad3e3930719ba23634e6635d732c7a3cd61e808bdeae58239924b36e20cf4a1

SHA512
fd9040c9adc69f122b8b8c9aa2f13154dab59bcfc2e571a4aa0029bbaefe348272f31ce2d3c66b218b883bb45df18fccd500df69f6ef42eeafd821ec490cfc30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000113

Filesize
567KB

MD5
72399f80551960388b15ec527ab92b41

SHA1
e6e0241e1b227f2ab9337a3f7ee861be854a6002

SHA256
7a6e41c4bdf13e1cae315cab0744982f96f3b4fb16f23ab87acfeca502d0275c

SHA512
2f057474becae7a31c3937566524bf07cf827cb3ae2aacc286f0a416b9b00c0b714d9275ac9261897a54c10a0ca07abe831f3e1cb72509e321f1ed942b05a79b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000197

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00019b

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
55f60bf0593969042f5426d66515ce18

SHA1
e39b8f1439b465e32ebffa06355ab85ceab74cae

SHA256
fe3d689ecdbdc84e98ed33c1b6166bb919bba9d19c0fd00c8376d908ecefcc8c

SHA512
5147da103c3ebf85b49c7afc0eaa4a0eebbeafc8b726f9d090394cba08f4541212b51c5aa24de12a99015480b5d5e3b09bd78ba3eae373ca5474c6ab9d7fe56e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
288B

MD5
82d5af86a7154293c0555a439516712d

SHA1
924c76372b7eec99503b1beaa20942b8b2046d5f

SHA256
ab966541fb1c61a7f75236b349db7bdbe798bbb6622e89fb5c72402680b4c871

SHA512
cb0d59b6522d2c02d03e566bb0a14e2caaf046bf0190c59463abf652c1fb36fff60d34ded24d54291d5362958907a8cee97cac681e4d87eaec328d1dd00cd8f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
2aa1d5469de667145e6731654bbf0eb1

SHA1
c0957c3a46433e90669b808b9552ed78dd9b9e93

SHA256
4f4dacc7e096201af3060b58550697c4aeeb5299952db2a95e8103ca4948031c

SHA512
8b2acf34e78ae225d0f63305ba187390ee1c97bf17776cb0df2593c60340e5ff32d93cb81e10a2aa49192837479a7b6cefa840f73eff55070b38625149d1990e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
2e7115a620c9bbca4b28b3b89b87b445

SHA1
a6e667f8b08e32d75474a711be86aa7cc0119640

SHA256
6c282821b462df07e18a4af7fc968f56eeda263adbd36b60ff4321827a8479a1

SHA512
81f26902ff195ed8d1981ed30516a9b590b6289c527a86f47a6accc219f36de74bfa61e5bdbbba17aa901c1a215ce6804787758d97fe843e3d68c3fb6d9eaf2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
87e9f30a13a79adc7fafdf42e8ad6e30

SHA1
8af48c6ab2cb8edad05acc4dc4508d7347f1b47d

SHA256
ad90f2cf352ff6d36a2940ae92f121db35e8250f01a12a73731f97e826d8d23a

SHA512
a4a76d79c7317324ba18a3a0fca454e56e340bfe80b50f2c6ad962a9db9b10188806821cd639243bb7c08b3b950a88773bbc4c372865cd4135a4845a03f3a74a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
1e4648b056a13d811ed310401fffd8a9

SHA1
b0ee8f368dc7e39a4857915a17ad5fcb32b6e18c

SHA256
d3b11b864501e5513c2ad07b88aaa1181931f1600d79c158d1a4c89afeb44c86

SHA512
c619bcb9dfcd5664e40257244d1e4c18d012379c45631bc6209acaac805d285355d99b2e3035223d63609e8b557fb37d9b9fd47fa77d9822924d0b7e4cd764dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
65983ed5bf0006fe8ff65171b9ac6070

SHA1
ef7862f50167a3b9d3a7c19aa5c1f11ba3d9b307

SHA256
f9bd2c570340ad447245e3364b104c00d86faead8fe57e734a12d1389d370219

SHA512
715dd9e29762e16bdd4ac4b8996a440a078f0182e7faf360edcd75a522e5e60a7d31ddcb548e7730c3bb946bfbb421a3247e6c213ffc4b5b97dd37707ac24426

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c76d6875df84b094510a908216be25cd

SHA1
5b7444d61c7ec0223ccad1c27bda7e714cdc3350

SHA256
f0546aa2bf17b616a842284ece3c4f50e981733adbda8c64f42b9df04347f72d

SHA512
6a78e453ea42eeb99a976a5627081f543a2f06052741b4432e01c6115887f0c2796ddfe41370fda368e97b3dd99120ddff8a420b0b254427c81d7ba34172d040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d6986747ba96db3860b87a942b6b0e50

SHA1
b6a7238c28d8da7df151a71112aa0d5c1aed3ae3

SHA256
a0ccfab89654a1f5e03730001a996720338bbd1e2490ee9d7b1a4abe8bc75a41

SHA512
c31296c5dd52e211152e9a3d9985ff811803316135e87f75a76ef7273a06ec4fd1f56f2fdae713257390dc45a3981ba885e57e4467a8eb1c6ddf4e609cb2aa27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
935b423b5f0d947437fb272ae2515276

SHA1
34951485954004b77405dcb3ebda16755eac9f11

SHA256
88b38e5911875a6f6d3a6721f28eb7a9bd4d89670d3e4e16f287e5535d2c75f7

SHA512
ac9f9c0f8e48a6ae11f5abf6bf2b8011794c7ee0bfb8da5e554458249cda0007ec91c1946901c69bad66895152003c7e7d4a798a6f693ebf943b270de11c1e2b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
47876a3a74f39510c52a83bbb27138c6

SHA1
258646df65ee53b7dbf9dc61426de1b10bfe51bd

SHA256
166770acda9be65014e0213d823432facf94ca29cce2e8f2602dd889f124e22d

SHA512
ead2e9b7547df98d529a7040b79b8633090d803e14b3dd9d7e15f0b0b0aa625ca7b7010c21ddd73107d1d6a48cccd83ac869fdcb950f553db8beb9a841eb38dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ed148f983b01fcd3ded90444444e453c

SHA1
0e298a1ed2be4d41ac3b9c28c4e9adbe6de8362b

SHA256
e49dfffbf1a4442201c4764e92bd31e11e0c9581eaee9c184ea091ba65597ceb

SHA512
a5b6049078f7416d88237a7a2ce1dc6b9aa0f465eb2da8bf702e66db5d2768aa92029bfd888b4d8a3b7af8aa489ff15a41ede9e98554dd466b8c277e67a7f215

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e0f434472ce254c18803dda914c7d226

SHA1
da64d031092f56b5ef03a9dba5061fc5e494033b

SHA256
86dbe791506d388903a7deae976fa927db9a8f3a8e93517ab6c5c5a430edf557

SHA512
a4b5f327204113dae35fdc9e6eaa99eadeb9247bebe687e13f79b208047a3928ee0a2ed7f9a715a15d396db145ff186c0adae263fb0a544d9e1fcb1d3f71dae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a86d9c4669d46b3e7571b8156b72e919

SHA1
f072e3c25fde513a12d686f153a7e62ff87f829b

SHA256
3717fe269c52f4c65302097eafdebda3ef316d7aae90a1645e489f33378dafca

SHA512
a5379303123f7c056610f79ef156b4ac2cc552e9ab52dbe1d880d7c96b9bf6357f55fab472bdcafb8e777760ae8ed3b9be177b27c349e90b05bb946f261dca29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d175f418c524eb723e37d7fbb72a3532

SHA1
21179f41192073ce09c2d1569aa7c0d4dd80fe3a

SHA256
42b74224b5640676e9e335c53adc45433d18dd14112ce5852a9222f56eb43536

SHA512
0e232b3ead8712de1d3347ad9f32ed7766fbc31d6e0be3fe08f3a8d6f568cc935ed73ac7e93ea54f70e874f6292ba7965f458bcfb343d3204f7df8c72835644f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
f34f01de9304bcfb32d2c8ef998a75f3

SHA1
6955ed6066811d8f1acc05b68a461ee87b34fc26

SHA256
5a70aef0db90b7ce82f4dc4e70aafdbaf5b4fa9cdad68295715668e5f7d80678

SHA512
5be680168ee410a168b30c37afef1bbf9e4a3f814394230510b4745320c4259cbc8ea17b4de26b3e9aa57733060031a52937805f877fba17cdb2686addc47eef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
b86b2c6731137f14f04b583722b2a3ae

SHA1
85a1131d3d46fc952b9b5ba08889f6784d2bf7d1

SHA256
f67c9cf0c81f2ae2e698e1273aee849404c0d55d42f8299c32b7cfcb1c339b89

SHA512
15c9938664e62fcf6746fd385be2518546b67b6733919a9dee83b7c9e03b2cb8488fc40c0269840e412986b41c1c68ed7ef671ca6222367882387343180b02c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
fc0a646c668f6cfaa744b5e0ebcf527b

SHA1
4e92bc7833a4099bdae85aa2b22ab5defdec64fa

SHA256
983adca548e7bb5988b8afac6b4609150a64ad45ae99ba42bfa4f80fd737f28c

SHA512
297ae5d1f28f5fbfe595e451a6091cc54e213a1fe82caa7c52df6ff35709fb8949f998e5e7af36b3e8663ce9b90cb0a008fa20774035a0ada11b516f30bb10ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
a57b8d444cc3c331404659b9c78155bf

SHA1
8a4f0ddd92780dda8697c05992f9a6b058d1b3b1

SHA256
34e18fcc1fe2c2a33ff2e8df1a087dfe2d3cb2a26e835085e2a58e612f3cf17c

SHA512
27998e531cc585a260457a409593f6837457329c28f5a7510581ca1ba3a72fb97a9a9018c107f04f24e652b5cc14c773ef7dd13eb8fc18bd794649d9446ab2aa

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit