hxxps://portaal[.]com[.]my/

Analysis

max time kernel
280s
max time network
281s
platform
windows11-21h2_x64
resource
win11-20250218-en
resource tags

arch:x64arch:x86image:win11-20250218-enlocale:en-usos:windows11-21h2-x64system
submitted
19-02-2025 06:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://portaal.com.my/

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 4 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix	BackgroundTransferHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	BackgroundTransferHost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:"	BackgroundTransferHost.exe
Key created	\REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\Local Settings\MuiCache	BackgroundTransferHost.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe
4544	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe
Token: SeShutdownPrivilege	2136	chrome.exe
Token: SeCreatePagefilePrivilege	2136	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe
2136	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2136 wrote to memory of 1796	2136	chrome.exe	85
PID 2136 wrote to memory of 1796	2136	chrome.exe	85
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3388	2136	chrome.exe	86
PID 2136 wrote to memory of 3732	2136	chrome.exe	87
PID 2136 wrote to memory of 3732	2136	chrome.exe	87
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88
PID 2136 wrote to memory of 2556	2136	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://portaal.com.my/
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff93788cc40,0x7ff93788cc4c,0x7ff93788cc58
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1908,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=1900 /prefetch:2
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1736,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=2008 /prefetch:3
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=2204 /prefetch:8
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3076,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3092 /prefetch:1
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4504,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4512 /prefetch:8
  2⤵
  PID:2328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4820,i,7846811778935928153,15222427567532981679,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4912 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4544

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1728

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=4244,i,15195321112227810029,13870653243844057049,262144 --variations-seed-version --mojo-platform-channel-handle=3768 /prefetch:14
1⤵
PID:1408

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1440

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=3864,i,15195321112227810029,13870653243844057049,262144 --variations-seed-version --mojo-platform-channel-handle=5236 /prefetch:14
1⤵
PID:2332

C:\Windows\system32\BackgroundTransferHost.exe
"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13
1⤵
- Modifies registry class
PID:4752

C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
1⤵
PID:5084

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=5376,i,15195321112227810029,13870653243844057049,262144 --variations-seed-version --mojo-platform-channel-handle=4064 /prefetch:14
1⤵
PID:2964

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=5140,i,15195321112227810029,13870653243844057049,262144 --variations-seed-version --mojo-platform-channel-handle=2460 /prefetch:14
1⤵
PID:2988

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
fc3c3ed7b0b1b5a20fc7b3a90dac7012

SHA1
31fbbcfa4212226b58ec143519724b38ddb3484a

SHA256
09615093213fe0fa65c1ad0fae60bdcaeb8017bab77f73bcda871ab412baf799

SHA512
5e7409db66b6643af0ac73508c922828d8ca84965fe1a6fa32ad7dcac747a3c1c1f41ce2d911081935f99a6d5a71475b3ce590a827ab8d2aa07690aa7209a2b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
578ef12e2472fa7b367fed5c150b59a8

SHA1
0be139a72a7d0183adc559a9ebaa719bb90e3262

SHA256
cb3ecc314c64161c504e1fbb4069a189ebdc6edd36b2040578ba55d73eff09fc

SHA512
a079f934c00e71c9c6fed87fd5a391f959d8ec5eda84565a85116965dcb57823fbd0dcd70346cdde8bec64d82f6247877abc031d3831d8053cc4be0e1133818a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
52d6230b300b9aedca0c4ec0f79afef0

SHA1
6bf933aa935eb9dbd6e5b16b9670bed1ab5a2fd7

SHA256
ddeca8ee5d55cec1fd5f53d3de7dcdda6e8dd0e946228cecf7aed895478a0715

SHA512
8e085fb03c9aca3b496561728def5e2822c2fde00ed41ad79bc2bcb16698ab0a29a83c6c5385a7031cf759b49dcf13878ee78bf0d32c07567165321f0e291374

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9a745ef228b751eca4422cb009dddcd3

SHA1
5afb070e6aecd6152974734900d6417dabda1c69

SHA256
98e5bbee61f20b7f0fa7e215a9d964a5b2fe58dd5c04a705963cf7f6970bab11

SHA512
e09da74e1cce4b42fa9eaecf663e822c794b8b438f939626b01a84e902756cdfe09242f9549d07edd8304d3567d9817bd620e234be8f6f13227ad42ceece9bc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a5be8f531803bbb7ed03c7cbb3212899

SHA1
f941f6b4358e2556a68721834b8d1d176820df93

SHA256
1a2d09359c18a935ac32d8b9b026e853e1128298ec0a2bc2fc21e9972f0ec89a

SHA512
c981e0f6b9feac8d3c53f4daeb6fd193094288bdb203f06a567b10549d374ab5a0eaa3b2cc90762dcd0e752d1ad3b088c059d701e79e91a6b35906d7ce446df2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b8ef3de20782f6487469f6c181efe20c

SHA1
cf05ecec47d2d19d3cd96c6f7ad0d332549db893

SHA256
8b37bd8d79b330f5152752e2470032348b8f32e15df73a72be1705a75b7dc88a

SHA512
f30aafc808f5a5573221d4a8e10f93515afda820b5f6676e1acc5f8f7d5d2949150fcdb987a4aed3594bd740c08049b9e5a2fbcdff59e50dc3e80ac259f80404

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
5b8a0dc24843fbecc93528617633a9c2

SHA1
70704e2a67162e3f58a6b7e4df03e21372fba1e9

SHA256
2194731ba251e36f299a01491f2a14a5e93749f0c334052404a24068e667d6f1

SHA512
873cfc0d35da28888acdd166090c93cc15a5c4c72f481fd8faf25af517c9e4bd50cf64308533af01633d9332280a11f4ee842aa2205254de916375740562a997

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
342954a03d20c41d4465a4e9ebc83739

SHA1
cba97f69c7f90de31a7d1c968ca2f0aa09d46072

SHA256
28b651e28b7b133c43fb2f13124024509b5142a31bea37ff294426f0591e55c5

SHA512
a37125b6ed59a6b79ad7c2bf03c6f92836cce7dc558d148b6dcfb0972c21dadbeac1ff19a7a3a98b3094ee473d7d12b41ed520db5dad6e331c4c7625468e582e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
a7803e8981a02c7d65938143e34fe0c2

SHA1
e3ca000189c47d05d8d6b6765b2c43c1b2e5e1a9

SHA256
6f1b59478d7c2d768fa2a2aac269ef281d07bbf950ef41cdebce3046433b7c67

SHA512
43b1e388c5c78968149c21d25a2209701ae0e8c83654800f49fbcdb6095181003d8d1b9b5a66ad8fbe40805160940151519e6474060fd979aaf96565ab8ed736

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
3e1d92368726ac302f0ff5ea6a67dbbd

SHA1
549cd2c2945528acb1d3a666bbfe7d5233b66d8b

SHA256
f8daee75d2057084131ad269019513a09235c4ae1aa7d80b77a8e5d929e8d919

SHA512
32243f8997b935f4ef6c5dbed22b3c97ddff7b0fa58cb2668e16573974d76ef5e7c7fdada5f115326ebfeb273aa977d0a0b6344c28d6770dae76141e980f311b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b864b954ac0a1920f7636aedd60b5146

SHA1
5b58c8f0911584323e3bdff571edeb4aa3d6ecd6

SHA256
04b079083b3a1d3a0eb827be72697ee87a5d1f5338e53cbd0ecfe57565fb799e

SHA512
cb4ba7caf19e7b16dc472cb7e4a0cfa0fdb7bed86356b6d1a34993acb00c475c38bc437fd81299cc62d3475adb4004661d729f1b460c7c6cbf25bc3692057b89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
57654a21dc2a458e06ed8709cc427fda

SHA1
2d15169df83ae4b6fd94482c082a03f57df3be73

SHA256
19d50ba924ca8bee6e4965228e18a60048d148907a8403a69a3e03ba5ae5e2f8

SHA512
c9c3e2602e9a392540edc576c1facdbcc2888451af8577cd9dcdc7466e0a70d0ce145ed77765b7e56ed13f78609337bddee2b81b37635ee9498ebfd71b918c22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
c29a0b4199064ffff486c79c4db47eb4

SHA1
e0b6eade1aaa33d129b271371f4714b298f25bc6

SHA256
f6dd534e27ada91a062f074d86d5aacfe9b18cf25b5a61628d36f72d8500eb55

SHA512
679c31621bb6d88d8ad45058474477f3782c712f82b529be5f2c36928de57950aa000975d6516d2615ccb9cc1d8a0fb827dbb9b95ca3502efc183480dda8295b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6dd5e12b67bd9e2c0c107971946a1853

SHA1
1d4a80ac83a1e3977bbac4f763fab353d3562d05

SHA256
2a386be80fc9fa60e6f701d81262b64bd698a7e9661ea75c9527eff308edde98

SHA512
17f649d864b1286092c7a18e5684fdf3317bba8a47e42cf53fa068ab900586dc80f728d96083a1d37279b24fa5f596ceb5c52d820bd65982e4059519af600e5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
5f931bf1fcab0d07b542fcd75904a7d6

SHA1
cca9aeb9d1f5a9115490c7c299b9430cf014da14

SHA256
1841dcea514cc4b8bfcef4d1a4e2ad79c36326a617fd1c35a1b650c1b2484685

SHA512
c085eecad817ea77cab8471de221baee7b2da558ec66f7dd6a67192fb223a68319fa1efde24e5455f336911d1687e1571d1982c2f2b8023d64c37324bd6244aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
de39cc0f67991f3cef8bfa2ac3ccf84a

SHA1
56a25d502eb6b8236ca7772c4fb62b3add004332

SHA256
ef0d9e1d04eb5bbf9f93a65b4d04d051238a00da19080da282867a853e229834

SHA512
7abf825a2277dff720f3782561120733d4b8829df081f7c4657c9c53a7e87054eb3c2f820669f648482ad021f2ae06ea05cea40e633a70ab664d27ca7c6d2c06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9a802b1929f367b96654858568ff4f0d

SHA1
981a404a2d3dd4560dffc69c83809b18efd5be0f

SHA256
91c23b2f4997bb60685f3fb6534da92c2b5be600aff371067c85df18dc6a863a

SHA512
d49cda3e6f734f6395decbe718aacdc5815338592fba64cfc4bf346769fccfc3274029a53666e7345600452aff3c5c999ef524877341a86d1bbf87c2dde05548

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
9c220f84b1321ea5a15cd01c393f217d

SHA1
30ee37c7808ec6c7709a5b7ebb17c471f76e812c

SHA256
fd92962cdc66790a8636a733e745e976f1061758b045117e6f5ecaecfb043c2a

SHA512
1b2ccef4aa6af6e6ed92c61210a837892f97ad892a2ba402ae93bfca8721d17343d15d672a3fadb1932ff3fd6a28733246f89f5330984288d253d9dbf5f06c9c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ef81894a4809462e45732206a20803f5

SHA1
383560a9d9521abb4e947a54f7606ed8d898d1b3

SHA256
0c995153e4aea1c671b2176060ad0bf0cbf0a1f4c656103181ee78fe3957f43c

SHA512
275b9d0d576a2f3d78bb9b454f2c1f3d9510b1f5123c980df680821b99a590cafaf1775433dc01fbf77db0cc1614771981f7e9b5f014f8bf6339b85eca45e354

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
3bbe39ec80a911fadac1fe5aa35b4f00

SHA1
88d3ae7ffa6d60328970feb87c42db6912ed667a

SHA256
955e4f5d7dce2adf8b507363fea93e2a43703c6bfd0312c35b9800400b4ad500

SHA512
04bec72c03f504ad72f6c5bdcbe26d68737a6278ab9a216c78ce6850858cdca81c938010d0e740cefed22a248900c72939d5cfa77e57bb4a22e2c707550d8903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
123KB

MD5
0eae886c6a63d4e0fef10dd839ff248f

SHA1
21b9d8972dcbeb3880c96222ff4a676727cef31a

SHA256
509493ebf3938c834defbabe8038e548b5ee3174e04ff0d25607e0cee3fe2555

SHA512
db37e3b13dd8080033b2218b61a3f748c9425a3108ceeee5f8741a709c65be4f2a19c58554ff5e967d305c67555069ad34538eb7924daf84c3e6f420247e4857

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
123KB

MD5
e42ee2aa2f301fb94e57196e1e62e354

SHA1
0f3ec416901311429a622e05e9f95b9c62b9424c

SHA256
37226333b8418c2d8e2c99c3dd0b70ab468b934bc2be63250fa52e2b193ffa36

SHA512
cb766d786db5cc4e1c32b8a5a4faa576923562b602f388a4173259719b0a132978b81e7bd2b1ff193054480c55418a2793d7e894dc5674b7598da5d7d4bf07cc

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\1e0d6071-b8f8-4fa2-baf2-ddbd815ed314.down_data

Filesize
555KB

MD5
5683c0028832cae4ef93ca39c8ac5029

SHA1
248755e4e1db552e0b6f8651b04ca6d1b31a86fb

SHA256
855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e

SHA512
aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

Download Submit