hxxps://steamcomrnurity[.]com/happynewyear

Analysis

max time kernel
248s
max time network
244s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
25/01/2025, 17:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://steamcomrnurity.com/happynewyear

Score

5^/10

steam discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
44	4056	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133823002294359265"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3212	chrome.exe
3212	chrome.exe
4044	chrome.exe
4044	chrome.exe
4044	chrome.exe
4044	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe
Token: SeShutdownPrivilege	3212	chrome.exe
Token: SeCreatePagefilePrivilege	3212	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe
3212	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3212 wrote to memory of 1888	3212	chrome.exe	84
PID 3212 wrote to memory of 1888	3212	chrome.exe	84
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 468	3212	chrome.exe	85
PID 3212 wrote to memory of 4056	3212	chrome.exe	86
PID 3212 wrote to memory of 4056	3212	chrome.exe	86
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87
PID 3212 wrote to memory of 4020	3212	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://steamcomrnurity.com/happynewyear
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffa1fc0cc40,0x7ffa1fc0cc4c,0x7ffa1fc0cc58
  2⤵
  PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2024,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  - Detected potential entity reuse from brand STEAM.
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2284 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3116,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3672,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4516 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4312,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4820 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4524,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5028,i,15232014861363283793,1985100360509816335,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4960 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4044

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4748

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1784

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
4c82498160c82b444b6e7d77bd3460f2

SHA1
d906261ce9f55f48ecbb8746f219047bdb64dd11

SHA256
c534bcd0963023ffa202d507ff7363b00c46e47aee2c43d4e9eaa475a6fe8e68

SHA512
e68ffc5bf21fd3ad8c57ce060043bb69871d8903064f0f413ff95a3035a02fed845b8a3e64ea6a621fe1c144df56cf8244ed1a894f9844d79429050d95f3135a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
08fd449020e3d46e104e49d8d557ca59

SHA1
15523bc0a09190344b692a5668b78243d97b71c1

SHA256
08c625a87f9aed4095f1409bb4c6d4148cfd8d7eb7e4212a9c7fd90803bd0f0e

SHA512
8e14a89399024cc267c8d7acae9a4b5405ae1f6803eeff8fbf8850a14d0c9ddf4512321a23681929e634577b111a044a650b46914d79247545be623866fd7c8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
73e601514030e3a2f991674c17be0731

SHA1
fd982553ec1d469aec77b90d559778a0f4ae510d

SHA256
f62dd144d0148fc426df4ac916cbb41c9101ac7072591190be623726aa97e93b

SHA512
52777d750022b539d8b69f493e77d9a227b6373464b9330685b765a2335d1beb5c6df8e20b7f0fe7b7fbbb1a0a2ae2b864e1405ea83ba7c94c371a1bc4ed15ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
5b9c6956b49b1415ca07f4623e7bee6e

SHA1
3845fe70f1e9681ddc8b01dfa8b773f3bde63bdc

SHA256
e32a67de9fd5ccd5947649d35c543ffa5a8601544576347e97d538942eb392eb

SHA512
95866d427a09fb49e04b59f9d88612045cb8b4f6c9a93d9e2eb8571f0baef2ff86e73495ecbe9f9ffb4d279df1a2b634c73a6b977e3da230d2737debe4af7cb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a6cc24876c5c018a39edd8ced2941133

SHA1
702f6b85364778e6aa1a86b854b2633c3eeef141

SHA256
e061128d6797d0597d96b6570710be719ac7daff262f6011807d787e979a5e70

SHA512
c2e835a019bcf8f0e8bbcf4edf2bc91b75257e1b90438041d3d8bd55fb9a757e6840abb20bf4bf9ae4a22f3a6eba62311ee5f4c445b5a9b514bdb2cdc530f9a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
f4fb57d78082d0824ca18542bb36a33e

SHA1
ba6f2a2bca9a699e1a464c2ea6db1be215aa58f1

SHA256
b6d0a47fdae141ef717a99fe4482fbe05155a5158962291d1884b39d905fbcfe

SHA512
2d5a6df6910e3b44d2641fba012cac00bc4ea9924a76082bfd01c73c76c8b64fa0d9cf1c49b07dcd3fab7ccde9bcb4a37c673a59234f59a6444506bac0a68efd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2585119e540e20be42f9a9287ace9df3

SHA1
2161a83191dc07196507109813f831b1829509a4

SHA256
be807bcd7d35189425e74ca6bb6057c68ef1ca8bd420fe6c73990e6818449284

SHA512
8e8c8d58a2010ec97d76159cf7f60e9375399a5226c71ecbed759b89b3b90d2b3d0d91e7b897fa1583f3dd7a0ad33007446e8bf721d79f702343808f0c66f9f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0b4b446e90c1157361e443dc50b84512

SHA1
46263ddd0e7ab7939a68cf90abc8fcbb3d55ab6b

SHA256
fedf8caf584e85f3b4dc4cda37fd7dcef39a8b124d03a7b55b68b67f46d5b299

SHA512
d5d90b08adba28a82f13da01967f2551086238389f0c7398d5100ea799bb240e1b32bd8635614a6e1b65c9a002458502acb6cd89b1a876bea4e47be6d5271b52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
39b940035b540da07ba61d377c93f526

SHA1
48805a96f0ce0ca45060d0bb93453c407b98e414

SHA256
7b2e9752edba0b92938e5c907ed0a2fd5788df6428ff081d7728bbd9ad674d28

SHA512
fcf0bc499d45bf51edd2e03a9500be6fe74306ad985539435e83f400c8dadfcb0ca30ae4c1e9eda7bd3bbb5ab1b697e18b6dd26fd3e47bd97ca7b4cf1ebb03ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
47f1253f8c828ac030f4c4585f35cbe6

SHA1
012dede661f4e8d02b19ac3b42287c795d8f63c3

SHA256
422030d418adf135a114c4d191417b22b08e487442b074a4627cd7c0509f2b6d

SHA512
9e91c64d0b0abcbc7647a2d354d2c21b0db824819ecbf172a160e07981e86642fa056162aba8d3274eff41c6ad1a29ba1f70786b2230dd63823f31bcc4a60e7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0f1f211aae972dc4704535bb5d2e04d8

SHA1
b319f4665f2a4983f0af5804bd61df1a85904763

SHA256
07e7ff13d5c43ae9d843fccf2b7d9b0ea41fab48784668e2c68ab6db59c2bd06

SHA512
6f618a86760b87a5de0fa5946c6603eee702e9d3747e12b4a590346d84f189d011e5be6e7d490015f7641dbb33cc76da9b7267be3809f4f5b19f27a66b1592ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6261c3a6c14c2361eeab9f9c0d6b4cc5

SHA1
70761cbdc805eb8892712e246782e6140162857c

SHA256
b9ae86b78aeee57080baae38da608a5c1fea8b96ad98051cfc5c491854e710b6

SHA512
20f4c0a017800ec7e26ece06d770c9e51536a5d4bd855df32fab5185f4396d54dffdc273eb42de6256c048586bb7170233768fb6e249b3f828785053b663a195

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
37d58755e80df67f5f79ce8b4ce6b513

SHA1
b537885ecc3d95602d557fdd79498b49ad16d135

SHA256
aa66d581f5c053ee2c6da421d21f67c7603e6e31aa473ecb17d73f540da78ad9

SHA512
b9cac1ab4aa6b268d28ec20673b78de437815664c3c2eb9ef3fce0f420319c410ca9c6c4df1caacf23ad0dc0aea7edfe837db0baf1ca321c2dacee163e9c3b54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a561c92853ee8942acc5ff5793f7afb7

SHA1
1cb563ecbf80e6b3586a78d4ae33ea823bcdd02c

SHA256
bfdce9cc3f627e1313bc68c8d784e27b86bbd5ff2598650782670d4696d0dd84

SHA512
43494e30cb96a70da5dbae15da6159a7daf82abecf9b749e298a02816c75242e33fb45193f1cbb843ceca5a587d9adc4ac19ca9a9b6e721e228efa2066a80113

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
5c0c26c2d18225dd49f3f0abf3ab9ecc

SHA1
50029d93a32e979e462a1c203246d3559f70a337

SHA256
2ddbebf54cef66de3dc775a84820c31bb96375ffd298098928ea5db994d4cfdb

SHA512
1d154fc52e39ccd959538df4fdbd02668ec29e99bc1b72b9364040f3b5de01510e0c5137c714b4b4ae883e8d341313f040d23e3528afe536c4f733363ce529bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
7b110cac5cc848c3d2633bb98bbd4d9b

SHA1
2f9b3476081aa336547302ac494ac0844ca94c08

SHA256
7247c14dcea69a96d84640fe987c183536eef79102dcf3f913a3f1907027086a

SHA512
c3633f91a6edc5315996ef8682d2fe0e0347758317fb645a3c932db51207417c5aba5fa6d6d9c26d54ebbff63bea70fba2ac08ebd7ef60d61f625a74a73f877d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
c25c908bc460352dd53ac2e565d5322c

SHA1
5659dad5f7fa747d099d86a6eeea3b0c77c132d2

SHA256
07d06a49f271c002ec2a4ce6dce90690f0d42c9cd8a708073aa6e22021985c91

SHA512
0138147efe20fde6b855eb5b357143872d9f6111e992156ddf4225b1d4151d07898a9c3efe4197cbfca040764d9a43bf555a8aceafacc1463a11cc1808b07220

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
3a92dd4cb7d6816745445bdeab9fe33e

SHA1
359036a9a3866afabd7392333204bbb16f4544f1

SHA256
afaf38a57ff8049caeeb2be0f3230bf8b140334147e6409f9ccb7bfc40f4ec99

SHA512
f9d93c4b6d5a1d779ea84071e21c449fb5453db4d59ddbf1376c5c82f54a833e15f209c82c9658e3d9aa3b34e25c6723001094d5f2d2a3c3b176ae5b896b41ea

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit