hxxps://steamcomnitty[.]com/gift/id=1737219938/

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
24-01-2025 18:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcomnitty.com/gift/id=1737219938/

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
22	2636	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133822169090465102"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe
5100	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe
Token: SeShutdownPrivilege	4880	chrome.exe
Token: SeCreatePagefilePrivilege	4880	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of SendNotifyMessage 56 IoCs

pid	Process
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe
4880	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4880 wrote to memory of 2032	4880	chrome.exe	82
PID 4880 wrote to memory of 2032	4880	chrome.exe	82
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 4432	4880	chrome.exe	83
PID 4880 wrote to memory of 2636	4880	chrome.exe	84
PID 4880 wrote to memory of 2636	4880	chrome.exe	84
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85
PID 4880 wrote to memory of 3164	4880	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomnitty.com/gift/id=1737219938/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffcfcd8cc40,0x7ffcfcd8cc4c,0x7ffcfcd8cc58
  2⤵
  PID:2032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2032,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2028 /prefetch:2
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1912,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2224 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:2636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1656,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2396 /prefetch:8
  2⤵
  PID:3164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3100,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3128 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3092,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:2080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4488,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4496 /prefetch:8
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4460,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4932 /prefetch:1
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3488,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5100,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5096,i,17670542666602211421,17856768842818405426,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4012 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5100

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3432

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2000

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d35c0bbb8af7a02f30f283f624236891

SHA1
fcd62f05dd98eaf02f7e3ff7f4d461d534e8cb8e

SHA256
fe5146a4d587077dae4903996a79cf9336802e6f8bd4604dce86a7d41b24eb62

SHA512
2ea6ca58efbe186cccceff0b7f2fb2045deb34b95da39ebcb85367785199c6368a58e35fa092a940d5cf216f712dda438ce913eeedfaa851873d9944ed667dad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
19KB

MD5
99af5da82ee74e7d9502225446604614

SHA1
7deff05853fbf1528875f9c358b8a6a31d6dee5e

SHA256
031fe7ea42e0a823949190f13ab143f1d9d26fb0b22d863b582593a37cbcda9d

SHA512
7d2cec0882df88edbb4789fc14c7721f6dca5681c85919ee1f033d5cb2324f9c1305707bbc4c534e0019a2b163291edf4bd65c374e843d75174589e7148aab07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
24KB

MD5
24c1ac9e5814fdba1876bd70e65b55d1

SHA1
440f8a4de77e05a029ae06d4f500c72308285d6e

SHA256
7cf9b84f3812c9377c20ff7b0826eda7092f11f33dd4af560413a6773f3fca43

SHA512
bc848fd4ccce7a1705b2b14b2ba1a1503a6a306096ac8460480bc653a2d9d4744fe21a0a39db573d7363b3c1252c6db1b594f029c04beeee9ccb5714c80af7cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
36KB

MD5
21f4955f4e7a07d5cae4a46fc74ab263

SHA1
3e3e25ca71bb03ce2c9b2a495b346b9653568b1d

SHA256
0870954849b1ccc0e6a9754cfbd3ce33f791cde77156d1f84519713ac47c37c5

SHA512
ec857db1522f15d6b769dc775550eb0023e27c080de45f6c091bae25b8524ed17fba0ca84af38459bb1d772bf479327b031e5ef677d3eb7f65c703c03fc70b84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
36KB

MD5
4769554431a2506afde025561880c118

SHA1
e6823fd9fc77c5a4edfbc755075a43f207e9ac20

SHA256
b2a1e4754dbc123b4bb5aab6863d17b917f11e28f6cd82746cda511e0fd104eb

SHA512
5cb53b1a90d7b16ba89c5512b25af49b57c55c7aad4c4d84b0144f43249dc736d95f39af7f81cff6c0d5dbebd807261e7e142c8299fb0279266cd9ab057bd912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
40KB

MD5
a470afc683c0884e0eecbf5dc4145f75

SHA1
fca0247e27d464bfef50a7bc751c06a41e65cbd4

SHA256
510940a8bea63e45e47699ea55eac22bf4af4e8cba3b6f20a4948d21d8934553

SHA512
d8ab0bd333c9f809ebb384d53d82c7451a03178cf443c15b903f110b7bd8631dea11cfc0b479028f11105b7de623ec48793d8925c3ce268244c644c71b5072b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
17KB

MD5
78009b0bcd5f695070babef7964ce279

SHA1
817fb69778754c2d5976909a48525ea46136992a

SHA256
a179f5a994b7974aec4a54c2af8d07d1d0d9d2cfc66c81246e1299a5a0b1ad19

SHA512
922be73fde8d54afead642c60b480f7c2d54fda6c840cb6976b02f10d12d67df749b5af21b7e441342c2007a17287b1ed55a9dc894638ff8fe21454be171b42d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
121KB

MD5
2d64caa5ecbf5e42cbb766ca4d85e90e

SHA1
147420abceb4a7fd7e486dddcfe68cda7ebb3a18

SHA256
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

SHA512
c96556ec57dac504919e806c7df536c4f86892b8525739289b2f2dbbf475de883a4824069dbdd4bb1770dd484f321563a00892e6c79d48818a4b95406bf1af96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
215KB

MD5
7b49e7ed72d5c3ab75ea4aa12182314a

SHA1
1338fc8f099438e5465615ace45c245450f98c84

SHA256
747c584047f6a46912d5c5354b6186e04ea24cf61246a89c57077faf96679db6

SHA512
6edf4594e2b850f3ede5a68738e6482dd6e9a5312bffa61b053312aa383df787641f6747ac91fa71bb80c51ed52a0c23cc911f063cd6e322d9a1210aea64e985

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
218KB

MD5
e93e966d21aba85448fbad862ebbcbe3

SHA1
0bd6beb5ba0bee448204e60d3c40450b1bfa2f0e

SHA256
9cf8953f31921ac3c2c115ba667b1f2c6c7fd9996dfc01a988b4f708435b4678

SHA512
0c33f82e4e442d02505388f2824a4bba9fd509ab259104eb98ca7f482c2e92b88a15939826b3cbf833cb9c43d76cdbd4dcbf6dcced03499aa26f6f37855d45ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
205KB

MD5
c9c9e7a0321c20a8faea53cb744f62a5

SHA1
a4f7964d6df916c63bc019879e15dfd8a010c9e8

SHA256
9dc45a4308a94cc765a3fe2409e6998871eadf786e01bd0fdcbc5e354ced331d

SHA512
12bfb41ca0dffe67448d2ca50e44432d60f150b588e168efcebe37ce4f030da3161936d443735587b9833eaf506d6448bce92985c16456caa6b2b94b48b7896e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
66KB

MD5
100655c23b1e2cbdadf8919bf6f14f50

SHA1
1b535aa013148bcf8dbae70f31064ed03380f97b

SHA256
9de4c1063286a2bcfe2c2b232e45bd8947e70d941f4685a50fd9d99cc6b74fe9

SHA512
9904ae2ea00d092f4d2cad4969d26e08b1840373e6869b358f11686d109b09eebe25fbb6a45671a918e1be53130a4ca20cb5e217348a855811cc4fdc32808f67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
22KB

MD5
9d53309ac2415ed6efe77b43a5a2b2b6

SHA1
31d26e32f551242c037116da7fe1f039bd1c4b41

SHA256
31e667f7d809056c4199b4204f46dbc6cd118a97530308229bbb9d450c42f89f

SHA512
25510c4cd3ac3388a1c91b5011e12a34c409f272d8f7fbec1a89cbff45f2553f7061c1f63d1a2c06f8773b885bcabd9c96501434b8905778132fffef80989476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

Filesize
29KB

MD5
a22b4c932dee392d593048fe0ca24970

SHA1
0258fa225754ce01c026d9b860d67c60793d76de

SHA256
001662ea66dbd203c5bef7783507bb3fbc4f1b3a3bd078199b49be92e7014dfe

SHA512
411a600761551a85524b0883983e4e483d18e3c427b7f689c489f4f46cdc0e91d4ea2b4000df66e0106f787fea9d034625ce2c184f2fe7a8402588cdd16d3028

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
b5a954ce7b18087b836996337d8938f7

SHA1
67f7825a2da6ba31f3849c109de937e707414e16

SHA256
0cf9a11e0c2d356dca3dc8bd268cd199f2d9f2d085c81506d4a504b5d866abae

SHA512
7759ed2f56b944128a0709d457001c9c356e515cc0d54ebe77389c812a47fbd0294f91f9f2f2566d9ba3c690741ead6e08a0ab16382a0e345f5fc8c0208dd639

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8bba01284b4c28d76e070fea0ac7514a

SHA1
50e80456686410c15a84e183310fbd466ed79c3d

SHA256
8cd1ac43563c7709cac5ea1445dfd5c85a20d817f18f975e50d686097d9fcdff

SHA512
37cbaf5d884b3108718cf8b22d6d17b4da918988c5d0bdb26fc2a13a14b3ed674430eeff61129e12bd377c4332d200f763890655126aaa4d3ef943d8656cb1a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
414620253b1214ea13a129bf5741261c

SHA1
7f74efee0898e2093d19cbac5ff6a0b67dc47ba7

SHA256
664ee8fd53189319b8a829a24530afea4d2bccde0e143fce3dfd66584720f56b

SHA512
9241d8f821e35c6ed78ee22748184ab9f842d495214f6e61f75742cd39defe7f335a4ba2c5d2923233d7ae144ee5a55b141784f8d096de447bd36b4f1c2f7eff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d941d70eaac2d2b9134b4aa471c482e4

SHA1
7be1ee987beed70f0c877b8bffa30fdc3ab7bc96

SHA256
cd2a32fd8c3550e23bc23e0091c0d02142e652385bcda79c027ee39b8de5e365

SHA512
edfcb736ccae00c27e7bee6ad0597d1f12580010d654ac4fad7785defa5094ea269b7eb5250153be379603667e8c7500600e7ad2fadd8ba03ab188bdd2f80248

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
d747e052b03731bb30dd107c46316ca6

SHA1
a7f95a9d5a7ca8b6293a3503710918b1145c192b

SHA256
2b1411c50ea68186452c52671a4e5ea58d5bb8254a0f94083843e887ceaaf897

SHA512
0f12c4ecfec7391dfb6cc52b432dcc4eaccc6d03b80602e9c118bb69881f27ed8213104b525c9422360852c6abc1ceffc961d962a26ce91b4b3312e15a639e56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b9868effa21871955c197006ef082038

SHA1
e0cb0ff23e90162f61d7029d994035a74e888252

SHA256
b27372c06ccd43489ee221135daafdf0d54125fdc59330c9a883b967029c3cc4

SHA512
4631704d69769b1b2fa767b8a0878fb584c426b8a92c73310f1fea07de6c1065d256f21d54d25db432b8e786384ddc5af9c309db584caf9dba6c8d29bd1b1755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
afa644dda205dcc840635f0e4360acc5

SHA1
47ab38c741dde4dda96f758a6596b6750043ab45

SHA256
f5863210a67d6d762476b3f5f6a3ac7ed619fe48dc3387317d44b65362a4b4e0

SHA512
7e80560b093fd2979ec3c4a3d99e0ee6b38b03e6a2060d07465f255d39f900c922f3808a54b79b30cb7722a9f6926ec8e109d6f43e124f6380da2111efbe2035

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7ccfa0d10a28c46cc75c0b174c903620

SHA1
07f99e582a374905a38fe4f5e2a1dfe22d2ccfd9

SHA256
88c4918144c7f1a20405f06ce219d27e1c827ef25a205b5afaddfafa0ee306c6

SHA512
1d3a925fbf6d5d1e341173dc5901e7a01e144146420e071fb04126a275b88d42041e8bbb2bb3a7c24b1593645055029608797a56c1d2ca0d806684a3da69d744

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
12dcf82b9fa5d951e833d08b10ffc822

SHA1
ffb86ca509f6236f11ad0a59a00cdf4b3e7b5927

SHA256
0d01ac500a73135c28d46949bf827ad025a80d8ca3463e283e792e97189ef9f7

SHA512
90e3f0d9697f6f3fa87bac898e8756680d41f7ed0b70b7ffc371768bc4cf958ffabb28d904a45f38b5cc5d70770602581021d90c44668b6f2f7c6e5fe2df05a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1881392df23ff803526b9ba0586a4ce1

SHA1
d9f438ba7251ff0d41a4da61842c04fa0cc6ed0d

SHA256
11a35430b8e87a6d09472faacd0d688027fd0a96a846045cc2a2b1bc9fc0f721

SHA512
968c47ec398a2c302408a4ceb323d5a6e80c0e980a538632110e648db83220f86760b21aea51e20eae454f00cf4d6f1a28eee840b83b53adfb17472cebd704a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
31e52c41dac6413573707a62f57461f3

SHA1
0b82aee093c2e14cb81b62b01baeab97a3987139

SHA256
adf5f1d96ed9de03cb4b5f436a29a6d30b3cba50e752bff32c36cd84ad960fba

SHA512
f77235e5a9aa6bad8f56e1f7707e740b031a8f91002636141ba27848f7c18cdb4b8f1b7b2bb2c143a0640b62baeccd9bff134ed2ac069ad1eae41123f3ecae01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
9d94396c9df451638aa761ddd09f2d24

SHA1
d8efbd520c16168a2e8e57eb54d39f460ea5f503

SHA256
5143dce1e9ebb43b858c942cc95108bf1aab144e2031da7933b8b188201ac2b1

SHA512
3a1ca2311be4db688d786b86f33e9d05edc9ce111a452d249b7d03dbd83bec8b1984ec988b6501b87f686f3722cc280e3723a4b7a648c0f8256b0ef036f04ca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
19afde28112078f9b5af35578272d82e

SHA1
2f81e06e78862431cdb34aaecb5fa66c0c74e817

SHA256
4947e5892abdda9edf01732920ea19480f7d4159c18ac9a354d3f8bf9727d87f

SHA512
02f183c0ec441611bead0a50d1649442da5faebab57478892ecccb0a44a51a2828a634133070b50549683e7bab175f28d28e1aba49aca4a84179c1c7ddebec91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
4a48c29a4e80a4529af8fa61d4ed9e77

SHA1
5cf6207cdfd61aa21244727564fd08756430fb99

SHA256
cbf7cfd3404043390ab86c116e27d9bedea4aff6ce86d42d2648f69b4f509b67

SHA512
fe71bf0d6ed2030f4122241e8d96d1c77cf30409ac55db11af965e739635fe28752cf8bc6ad01101f1429fd2c939716f21b5d62b61520d712f54f2de3c867389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
881c5dd154a8613f319c535e77ebd6a6

SHA1
8c9c011c49692efcc97f2d054eed7afe73eed518

SHA256
24818b008653767bf9a0a8ad7a649d3e8dad5400560265de55dcdcbf6538d637

SHA512
a0ed6bd11ddecbb6b89685f4e06f19a4a734a5457ee968f86da6c4391f1522fe6983333d4b89ae143724e6165034ace6c199a9f9566a575557e4d7af7b2ab587

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit