hxxps://areyoufriendswithdavid[.]xyz/

Analysis

max time kernel
1769s
max time network
1588s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-01-2025 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://areyoufriendswithdavid.xyz/

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM.
phishing steam
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe
Token: SeShutdownPrivilege	2528	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe
2528	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2528 wrote to memory of 2548	2528	chrome.exe	30
PID 2528 wrote to memory of 2548	2528	chrome.exe	30
PID 2528 wrote to memory of 2548	2528	chrome.exe	30
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2756	2528	chrome.exe	32
PID 2528 wrote to memory of 2736	2528	chrome.exe	33
PID 2528 wrote to memory of 2736	2528	chrome.exe	33
PID 2528 wrote to memory of 2736	2528	chrome.exe	33
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34
PID 2528 wrote to memory of 2956	2528	chrome.exe	34

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://areyoufriendswithdavid.xyz/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7b49758,0x7fef7b49768,0x7fef7b49778
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1144 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:2
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1420 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1476 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2080 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2088 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2804 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:2
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3552 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3620 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2424 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2812 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:1784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2744 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2320 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2164 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2092 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1580 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2816 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2320 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4028 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4468 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4528 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3940 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1828 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4000 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4236 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=3908 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4452 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4796 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3944 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1044 --field-trial-handle=1280,i,7082288799822411641,6520517666580707044,131072 /prefetch:8
  2⤵
  PID:1196

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3056

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x484
1⤵
PID:3028

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ee9f43855fbf4489a637f8f94721ce5e

SHA1
df175f0c79d7383595dba17166857f8b4d470824

SHA256
c256c01d4b500fcc9768c5e4f130bbdf6819c25be46378939f6d9b082597d45a

SHA512
8e2ccd2bfd7809602acfae11493c450fb9d7efb420e85011328782e11036fae1f6d77946ffe1661570b94956fcf7a90ad86d475f9aa4530f27421471cc967638

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
5e759ad70d87eabe9e6f9704a8c68f26

SHA1
9c3b5cb694d78434dd90d7af1f7213640f054a7f

SHA256
2e54e09b8590562e874be07c9a811a1b8fb4d8e0922a378fc8bbdbc57df1afb6

SHA512
fef7b6e155c33886a97e442c59bf76b7985c01e3645302565d17a1bf5f5402792c8b8a8203b3da1ee6c345e66cebc8415d7156805a4f6474b987ce91cf74334b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
a426e4b652527648f6eb5ece3666230f

SHA1
a7340afc8057691634b9b1fec4c9e96fb1a7db10

SHA256
5d46961852a46000bea28461ec2a0d1f6f2a4fa345b4204f93d1d66b4bcc4ef4

SHA512
e2d62affc3171cb5c7559e274787a204e4f60134b49a6e4a991eb99f65c62b919341f2464bc47c524cb0c2a40ffe791c1138169609ba25fc833f7a68c24d4f69

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
d1db918b92abaf04d1190088f3d871e7

SHA1
cd13941d4672e93c2eeae853cf39e2671d0d46b0

SHA256
61abed5bfca5a7b202f635820c4f4f871d32a6cf2b878b8f46aa5692bdf016a0

SHA512
34dcca3e953654d82ac97aa0d17a72057024e56cd4a65f0b49d6d68fea026cb95bbe7edad97a5646f6f0c31acdc990f7ba6a37e1dbd3b0491306cc878a3cfe4f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
fa13e79575e635dcc803f8ed9adbc017

SHA1
4b0ebd9e14a1f0d7c6f745b770b7928568ed11e3

SHA256
5903f2472d939466d9ec99fd39295c11b9edf48f80d9bddab10ca4a97ab59ab5

SHA512
b5f73f023ca0bdf308a9b80dd6ed5490cf813f006c59da44a81fb7d3faa7445264382f8ec6a8f24c763f40ee447886df969191a8f19a2f98b4850f0f659c15ce

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b0d9b42b8a5e3a94e24fa3e925d29d3c

SHA1
9ab332354274e0b8ad56f9744e0bf805f939fd65

SHA256
4a88315d8502d98a88adb023883ec98cb9a2687c3b90400f76fd0c8dcfe37143

SHA512
a43294af83ab7cc26f6288ef771da8aa1ee7f6d9b3fe82555344085b0408d783cbee11d932fb0c9385dd265a1fadeac28f787380e16a077adca0fdf6e6b2ced6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec09745cc25116e245a136c899a2c86a

SHA1
0a8d9f0383f3715f17629408042e78cdc7d4c386

SHA256
567bdaad14f8c198c071cad411527a1133d57b8424be3404f8ff621eb94e7b2a

SHA512
ff8c1084e61f7cf388f90ea10f2057872e2c3e3ea93c8053d2a5df70e79473fb70b2c8798969e0c459fdaa77193fc826c5dc814f707f980917afd91f62ba50a9

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
b6b47cc2b72c45a1e4187238e1789271

SHA1
261d2e6756069e682e05c06dcd0582b69c463373

SHA256
d6a61a9e78e4707861a0380bef5a69d4730fd45d67a7053dfac9806745564cc5

SHA512
55ea7cbeedd2952ae13fdf242c77eae87449011925a46a8366591c185d20be23749593f3a42a4fe26ee402239acacb9bd0b06805d4e77a5de7f76c4535a65e55

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
1ad0e6a62848472cb3a8b30e91f63606

SHA1
ed456dff6503ceaafad0c101d61d07aed1eef4ee

SHA256
ffa14f98b27640dbd842cd71f421b11e474c569efdc575b3d7505a670122b617

SHA512
618209b950da3deb7414f55d2a77e6d7e4d6ebc1ae7aa6d559a6ebf3ab0e5cbfb468597275106e6b62e754f92402bd171b9fc5331196a0ca43e7debe2536eb83

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
7c83dff1747d74fbb172a0a12e319f12

SHA1
0706587b3547f70c81e22e35716835f7e43fd9e7

SHA256
f2010912f4af47856ba5f27ea520b68dfcac94775fe1dcbd9df8dcbb6b06e5b4

SHA512
5c8472aefd88fa23a0cda0429a49a7c7d68e1645da2617888216373178aea217ba2fee19228ccff4fa8fe6ba9e945af09659be201fc43bdcee162dc41b255811

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
62f2d17a1adfac381533041e81d2f14c

SHA1
0b1a3fb23f78185eb1016c59f4bbdd478c86565e

SHA256
36c474ca1c3dc7df0b58875bc278d2fc88c7be25443c70a70215cc62d277732f

SHA512
8adf6e98739bc179587dbd339ec12edc126ba11e34542a9c4aacddf2de982949c87e638e5fa1c669a2702be614b438b26d223b6d33695e8fa8e94e3ab6cfcbab

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
941fdb5da62c1f25960124bda0af26d1

SHA1
d18502ef95b90699f0cd52485bf007f7a6f0e9f8

SHA256
ac0c2b25fc547f9a916de69ea105abd5cde670d15fbf6b7ea22a566890a9f630

SHA512
d866497ca93add8aa40df0eb95aa0b8de6f16a7f3662d5fbd0297f425fc3b547f08e9733553771cf91f33423ab29b6e6b56ee3f04343c84d3dd6bf9eba2e3c1e

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
c6d5107ae5752ac98b004af7aa0d9520

SHA1
a5f14cc50f5b2d6ce7476ac35a0ab1b8d8b29aa7

SHA256
26909c500d5f072edb7ffeeb2add2ebd0013ccdc772fa3216a461f1c8f3076b5

SHA512
e069390a4b837989f3d89e120fd3bb2c0fe0865f3521ef082611e38c0e0f89b0fdc55a84258857e6b8f082a79c68de37aece5db01bc41a7bd9e165f9588e1ee7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
ec1ac47de04812f196aa47835e6fbafb

SHA1
f46b0880b9c95b558e56d778fcafac336bc9cf05

SHA256
600595a1bb64a0c132a1a3514a36245a6e3e607139ff73ac40c96c3406724766

SHA512
0d3e79b2f6afc37486d307711bd99550a5c755fd62f4d2df656f76599688888ca064d846afcb39672221a7411b5319f62f494e73add9819f77d4efe7967d13f6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
2693fa34af4087f810f50f07958fc416

SHA1
e020e95c91f45f46afab46ebcf3577eedda0104f

SHA256
9ca275d63e22f6a0cfd21cb2f941d4074583d90561159d3f330b3ac3210d29f5

SHA512
38165712e6fc6c7bc0eb18b854ed44b73de4d2c3ada66bdadce7d6dcb2ce78d2b5e9d662d26bea77119719ab81b0df90b29997841baa4bccf43825357b905f3a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
94e4b2d437d0e08c3f4c398dbb254f76

SHA1
ab88c0c64415fc22c72ac19a4ade54d3cecacc16

SHA256
dca5c660f4ad86d3703c5e420fb0235934e905607da9d49f2f8041f53bb985b3

SHA512
c667806db0918259a2e8a3bc823b3865f09d4d4c665360dbce641a4f0684b1f8dbdc852a41f59c94b4ceb248482c90bcf3711674cdb4ccd49e5cd22b89bf783c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
9d9ac69905ae1c84cc93f404076a5086

SHA1
d78e78605aa59536d7ff36a5b810a1e3263c5454

SHA256
cdb203dd98b1ec39320ee312e6834b4adb83ac45a5a78c5cfee6dfb43753be34

SHA512
c67427e7f5a89d8f84645584e6abb15419bc773c715448ad8c461f8d3d8efe5ea14af9d78b18d0c46073b787a3e56694e0db60de90ddc3aef04f7d248a3d4b84

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
634cf2fc7163eb65635d28b3e119dc2a

SHA1
0d3c3c28fa810fd692afb4230e356c656f1bb455

SHA256
6ca05b90afc3ab35980a38ac4c20efc8b71ab4e8cad015b1b2638e648530694d

SHA512
38dc5ad2b8434143d02673f17ab01a7102884143a7208eb108c7125f1dead7b119b92cbbffa52193d9ce6de502494df4c6a7c732c1115dd8604fbc8fb11cf557

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
87fd3db6091e48a64b15725701915b91

SHA1
e8d8d76546d13a71cbbeff129e74abf4d46dca5e

SHA256
045c92ad752490b454ece9ab8e4aff6968b3606e1fdebbe8be4cf30ca19a90f1

SHA512
4fedc033644f868d39f744d896dcf8f70851670f62fdd12a60a0fadef18a27d1a7a9206b12ab01496a7e2d965d43a9f654d5c6fef3029ce0d07bcd15d61d294d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
3243a26a068b83fd8edff3d7cc838e63

SHA1
6f8c0fae79103c87a8d542bca4a983c3b8e6c9b5

SHA256
376e865617a870184e5492d7bf758af84ba3be729c9f5bf00f183ae78c937010

SHA512
e5799b24c114498ebea5547303aef38bb6306c103ad2dfd2ae95be75cde686d8e13226b44af5bb78b7ced0773b5a3edb56d5047e7bff5ad5f9ed78a3c1210235

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
342B

MD5
33940c897fad9b2d7bb97220d97c08a1

SHA1
2c1b365e690861cae2cb017566bae6b9a7a7db41

SHA256
a7050d939b8fb1db450e4e40f6ec2c317e906299ba3f1b6360856535a4039db5

SHA512
ab6a0bb15a8b9e674c3bdaff1c032d4080cec0e75e842944fa8281ee7674b30258bf5e32bafc94df78ea19d845f4f23497699f2b19cedadc1fcc5a057b3122ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\03c64bfe-dae6-4a6a-8684-175fedda8990.tmp

Filesize
7KB

MD5
2db7d458bca6bcbb3f18861f7de94c78

SHA1
e539a4fc20659b2f4c0fff56e2254c98630fbff0

SHA256
36a344397f281c75680cedf19cd439a6a5911440ef8fcc6f5073d63ddf8902f8

SHA512
98f2752bf5dfa6d372275901b934073e39bd4c27cd92746692a9493b5250e97eb3b45484eff3f4f1c59d7b5abd2def87a4d978fdf8d7d770f91e71316399d2a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
41KB

MD5
3bc2b6052ff1b9feff010ae9d919c002

SHA1
dd7da7b896641e71dca655640357522f8112c078

SHA256
483a3494759a05772019e091d3d8e5dc429d098c30007d430639926c3ffa16e5

SHA512
0b1632b73fd87e8e634922b730f83b7950e9a39697a46a3429f0bebb3f1ebd14c815a4651ee8f663a437d00ecbeb6ddaa47b2fcad719777edf1b1de8a7cad0f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

Filesize
151KB

MD5
3ce1e17ba665dd0e233e2e0c36633cac

SHA1
c9eaf33d285b64ab7167a963c9d40f669b49c2dc

SHA256
f0c64e957abea6566c15b9bd693eaad749a06eec4f252f55b8d16bc01dd7cc12

SHA512
34c19883221aa5c08591bc17a0a8cf5c92f1b8855e8a362bfb944da288929e1eb96ad750fc46be477a6eeb33db4a437fb37bf9c0991b2b3327a350417cc2bc38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

Filesize
20KB

MD5
fd2bbe5dfdfb4bbcdb9ce5982fc99462

SHA1
ccfd2f8025109a966b11efbbf7d5c93abecb74ac

SHA256
4ad69182532a6895fd3b08d71f98781236c528ca71d299e48b45856635339aeb

SHA512
257bde98abe72ba36f018f87336c63a2922a4e71a0e5c1abcd2b1ff62ce04c301cfe90d772e4370803fcc45a7057767e2999da92112a58d309378196c148366e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003f

Filesize
95KB

MD5
8e2e47719e2748a473745a659c776488

SHA1
d57d2d6bc721be7830fb735589343d2e6631b6f9

SHA256
da38725e4f059e1c5cbf3242dee98fbcbdb42fd40ebbbd74812c94279088ba0f

SHA512
016f7b77dc439115f1827a1162e9773cf08918359bf91fb9feebc70faa33c8ad6040387620dc792fb565d12ba4ac5ba934804d934266c048ea0e4f600a5fd096

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
127KB

MD5
217e4386ec7db5e230ae57822e043dcf

SHA1
4af3d0bcf32a69f88e3b2d986ade593362ad2a4a

SHA256
4050c927f0e501befedeea2c71631a52b58225e009d282bd339cc70e2d783ae2

SHA512
8e210a0a27225c296a410505180b35f446a2b094e3704648633365418e2f60061c900f259ef9bc44133e76a1dd2cdfbfdf89cef1df26205a15f3f5e1c446d5ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

Filesize
28KB

MD5
1752326ce45c039f4c5e81ea24c27c35

SHA1
4a22a9151c3c94d170cd3d23659e8e1a5a6f0070

SHA256
13dac981c708b9d1c6d7be7666ab5ff34718fe7d1362428217e88c75530774ad

SHA512
7ca5eb8b11184b97b7ecfed373420f7b9926839edcd36ea6bcc37a09190478175c49d7cfdb6dcbf1ecc8f2570feec9a0ac8aae08442fddef7986330043ff2d08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
9dbdd522945a53ad08f12e236002346e

SHA1
cf91e7c9a65e0cd28d66ccb1eb86e97ee479470d

SHA256
79bb57414edcc089018c171acd7f4d71a67217c4bb33dd03501c3c0258fbd75d

SHA512
b49721aa32c54c3c50f1e16be3b2d208f82d12a18e72443ade02cc2d5cf4a23a45328806261710f8d2ac709389a66056fea29a140bda689cdf608640f44acdf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\7143b7e8-c225-4edb-89ba-66e83e261453.tmp

Filesize
11KB

MD5
3b0e7f6d21484eaea45836279bb6f2c2

SHA1
079948e6c8423abbc6f5b4f41ab707d3d5308c6d

SHA256
c2a3acf32888bff218df0366f5f29c9fa2f5707cabbb40a6469a5b4576ee7733

SHA512
985f0e8680320581c3860468b6aae1563a9a56e3a633ba1faa82eee3e3750acb9bb33f05911c5e60ebeb0dc0b9b2f49804e9735b9debf60355cea586e6b14913

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
4ed63a9ac6d0a773219f5a0234beea37

SHA1
2b96d50f660c5b27ce8260789314e8b7f690acda

SHA256
a46f0c86c32d615ca4eaf2d3bf33eb5536772ab828e984376b2197bc2a94d67c

SHA512
ab68b3230dc7326cee226bd1df742fa246cef3b7b83a3349f4ba809dc15adff1a0ca88162c8628660c2d7b31fe8daeea84c5728d7519aa7cf773bc5890690ba3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
30f6ae266c136e61873698a8bb8829ca

SHA1
8422b3b2ea5d90db703096e0f5e2a5fa95d445a4

SHA256
a5b608e06108a6810edefb04931381998645f63e45eda85869e24bb3f5bc88c5

SHA512
e1dbb19a2d50ada8322feb23057091ef5a836d5f90cd4eb9cd4367be6ff19be3d1bbdaa23cad3797c59ba8bcac8cbf74762d1d258719db66c5ce3272d30e472b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
d8e9259aee534d07f97b163d6b87de00

SHA1
d3457975bfd0e12639a65a9da7ec76af4dffd9a5

SHA256
8ae159d799293579a292f1b597c5d330e5c4a9556865af253302662cd9387121

SHA512
c7f3c7ee6c4d1cf07a4a69927ed474feee61d1ccef52ba22e3c03e78bced93e8c92c7f0d42ef95a6b3c1bab58afba90b024dbb7cda2b9a9e462d4fe48e471df3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
09d17e9826a23dff210017ce53368c53

SHA1
af7ffd829a70cf74474f509e915b764801f571ec

SHA256
7f15816a8cd81052082376d6c9c0b444f6efca91a612d2a21392e4a666fa966f

SHA512
12af6a419ecea8dc90b2854677d53a3934f357f7a8554eeb2a8f0f4c31300cdc6336332cd68a4664a95388f5c22ded6e36080682f1b971b1d93f1e6e43db3c7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
361B

MD5
595d7d40ce08440b8bbb1283e506bdd2

SHA1
37bd7451452ecb73dd8a9cf26e6d74a955db1eb0

SHA256
e53f132871ebc031a33644c51964183cae9d11e197ad08b1d9c427e6856cf76f

SHA512
058d2c4f294a1608d4717f17eb7b68fee82cd570b87522b5f680d086c29b4c0786892ec9cd79dfe7d15c5865952cfe1717d88b7571d7157d4d4fc9e3a31fd775

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
1b88bf6d4689c73ef1076a73831e4744

SHA1
ddf6f160e99be5e64fd6f08c030c4a6d6883d94f

SHA256
7d06b5113186e7af75b9c5eab66a4acbec70f595def28e6486d68561af77eec9

SHA512
0fe66bcf415dd64e81f0fd5b276fa7e08290fcd22f662337ef494dda6e7378a69d356b818e829b2e66d7a8b1e08efd9b32dfb5896caecf4d25dbea99c6bf1ab4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
35e1839642f05d7d7dc713f1f871908a

SHA1
9c64ffb7834944e709144283f839bd1617f62dac

SHA256
8266959e9401db9f04d4eeebc7be7be5e4b0599fd0e1e88693657339ea82e860

SHA512
baabf9df23fcec11bc521b75d038b9536038f1edd1c0fc9eacfa063a7c780add43342ba4e5fb4fc68b388ac31fd9c94d1c6c80b5737811440f05be8938c30f05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
851B

MD5
1d211f314bf7930a8d778bf61e9f8697

SHA1
8a3762438f17de4e3fba0b950acb4646f2093d05

SHA256
0a51c170ea040be3f36019f9d656a6de88e75526f7bfa00d57d038379ae03907

SHA512
cb5335188175e23bd9d481c5ebd3c90501d655dfd77bdf23615054d81c6851040382d5077c5c42d6b3f0f64e72d9b2e974edcf75456b84eb8b0e2c721d77af7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
54cf47fa9a98a045942aa46de4a5378b

SHA1
035820d11b7a557fff0ab110665e1646aa7874a9

SHA256
1efc48e62dd0a6f6b5ff810758b5367125876391f318d37acd30d790e2014ce2

SHA512
9ec8ac9e5802f42d85ee99b4d872d0afb310259010f6e6554b61db6fa3b49dcc3d3bf235473bc759e4af262cba1eda6bbfd0faaa72118557b8527fafe207b335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
f195c6a19976ec25fb94b31585b5e3bb

SHA1
abbf39a2ca807be445e0c93af25f6c258b308cc2

SHA256
fc7151d9e0e5202e2316a5e0910b02c54817461e7fc2c7007f3549877cd752f3

SHA512
a89bc499df5223a4902de15fc5077044c2bc4304829cc0f9b8e74888d45a73eada3e91407f32afd435fc277d7bc0920b69d5c589538f784daf4c89c4f279980e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
8d0143a46cb9271f92b9e1f0605c041a

SHA1
2859d647b43b81882472d2e0a733ace29086eed7

SHA256
7c97c5a469b50411cd4d23362c0be42363f60b915877fa0409cdbca78b10de14

SHA512
5b567702406e7a3c3a0c7b009f616208bc56684bcc9bd27d62fba31794963eb3fc9fd8e18f3cad8988971a0fa9fc1147e7ebc792fc8c91649a7f623706a4a418

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
eae8820db6ad0824d70cc7bd51db6bd5

SHA1
5c2577e704b4fc52423613d62e83422712866dbc

SHA256
5488e175640791b90b30f541755e09e38b284abeaededc205429118056f99829

SHA512
04f77afcf8c290c27fa735c9f7bd3aadc43ddcc14d2e1ed9537e23faa7b880a76e46f9ce15160ebaf926153a08246c3bc42a220bae2b2ff17d45fed1a2695b74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
38bc7b289e5417865b6cecc826bc3662

SHA1
a85f8d00c277c18fd551e50ff2d4142179bf16f7

SHA256
321701627d05437e0ef31c14d7c84da51e66bac41708f9d277dc2df18ac91f5e

SHA512
718e0fded9e5157390ad310ee9def91a609ed48589d5ebb66496a93274f9f54baeaa487a9923cefe15080b8d6fe888dc1c7e0a428e6b3ad86bc1335478afe27a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e2a85cc93e9a5240df95de70abb706cd

SHA1
e0d86ab1788f6a25ebfe8b962e2e6a4c348e265e

SHA256
af70d0c16de285504926574158f6911b69e735a6bf192a3ba7e5dd4026d08ea7

SHA512
46c5422d671d34347943568f0fdf13d266b627ab280e7f9a62cbed96bb3da46705df48b66db56b5beb3de8b197e851601bd866d1b53cc4d1caeea32646c00952

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0d2b1000418bc6be134c3a804f5875e7

SHA1
c3906697eb7b898c729f3d0573c4364830f2d0f3

SHA256
fb114415f28e7883926856217bc5632ad639fd0985c2f5876520c83f7f8b388f

SHA512
bf0fe793980eb27887b2258f9eb300e988c53fcf6e93cc97369c3f71366290f8f35fa8f73e4bcd3c0d6280cc7be7b637b891a278e1ea58ce5b9e142956c4abd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
e760ffdcd33506d5194cf0cc98526661

SHA1
e81a2cd58c47feeb4785262d54d2deea1328ac38

SHA256
df896f060c68a8408b75dfca4431c3735b9b9aa46d77172980359cd2b402b625

SHA512
91c23a997d77bb07725c499de793ef5e1619c3704701bdad14d55e612df9cf17beb730a8214a36337b813665724f440aa3be748dc84dd00c3a051538361f7873

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
2c80c3f9934e529d6bcd0d82e85ed3fc

SHA1
245886a92de13ce785a32ba6d812adf0eb86af43

SHA256
0d121859e3d12d1853b2c8c537f114b69dee3105727977652bef9ee0897af79b

SHA512
3eefeaf576e9b1807eaf76762588fbf61ca2ad4809c23f0e0f60222552be952790158d7a0251fb6d081904a9a3a341a1e3406621d215fa96c7523ea5dc29c911

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT~RFf795551.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a99702fa-e7d4-4433-b069-4225ccb874bb.tmp

Filesize
6KB

MD5
ff4c777cb34953e7f445109fc378496c

SHA1
5040d0ca0908c0a9de977d77ce15f73a8f4389f3

SHA256
bef3d4d97f352c717b142916f5f58ada09cceb626b2e755e8cab46f1808cd689

SHA512
dd7ad34294bfd1c226dd9c9cb3e2f809024e9765c3e8a4e0499d4052bc51705f0f6463c112eb78ec55ed6770969a109d0d85efdabb60a110fe5cbf117113075c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
75KB

MD5
d5a43a1b71fb85b70bcf91cb624a5b18

SHA1
4cdd8db0adaabb22f99778178c8334794c2fc106

SHA256
37f9e4ce5158ed5781f55602affc96a78410efb2482fe8cd2ac266b74e0fdb07

SHA512
e2b0bedf2cf417d00919fa15cced465716423177fd610fd6780331ad1316d070780e6b410f872fc0e66d41d188f301ace0bdad904d1479d164ce8c10bd5c3d65

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab210A.tmp

Filesize
70KB

MD5
49aebf8cbd62d92ac215b2923fb1b9f5

SHA1
1723be06719828dda65ad804298d0431f6aff976

SHA256
b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

SHA512
bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar231F.tmp

Filesize
181KB

MD5
4ea6026cf93ec6338144661bf1202cd1

SHA1
a1dec9044f750ad887935a01430bf49322fbdcb7

SHA256
8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

SHA512
6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

Download Submit