51baf4bc48db631e887ded88c0beb05b7a2f6f26ad2d122ee7c6cca6678752f5

max time kernel
899s
max time network
822s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
27/02/2025, 17:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

virusX.zip
Size

32.5MB
MD5

a58b72237a14d709c6eea04b73049210
SHA1

786a2d070ea75d7fd858ebd93869063fedd6d705
SHA256

51baf4bc48db631e887ded88c0beb05b7a2f6f26ad2d122ee7c6cca6678752f5
SHA512

978b868d4ce591570f722d167e14f2b6533d3b341bdaac1048fb3d1196ad26b2009269514d29b5aeb12aa75697ae556ebd3c88af1ed4ea00f8c83289fff7a9b9
SSDEEP

786432:xDWCPFc6LHxrdAxglUJMtJg9GzAl8g5lf/F9M6GvHzn9:sUzjxrdAxxJM+l8g5lDM6Gj9

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133851517265439348"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
440	chrome.exe
440	chrome.exe
440	chrome.exe
440	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe
Token: SeShutdownPrivilege	4772	chrome.exe
Token: SeCreatePagefilePrivilege	4772	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe
4772	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4772 wrote to memory of 4332	4772	chrome.exe	118
PID 4772 wrote to memory of 4332	4772	chrome.exe	118
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 2688	4772	chrome.exe	119
PID 4772 wrote to memory of 3736	4772	chrome.exe	120
PID 4772 wrote to memory of 3736	4772	chrome.exe	120
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121
PID 4772 wrote to memory of 3728	4772	chrome.exe	121

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\virusX.zip
1⤵
PID:4556

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffa1b83cc40,0x7ffa1b83cc4c,0x7ffa1b83cc58
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1920,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2216,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2464 /prefetch:3
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2496 /prefetch:8
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3280,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4560,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:2652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4824,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4792 /prefetch:8
  2⤵
  PID:2312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4788,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4912 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4780,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4900 /prefetch:8
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4836,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4520 /prefetch:8
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3848,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:4600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4420,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5024 /prefetch:8
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4520,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5156,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4912 /prefetch:8
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4884,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4716 /prefetch:2
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4736,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4556,i,15795007135225052076,16590986390873431669,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4852 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:440

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4804

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:704

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:532

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
57364b3c1b7904c231d859ef492bfb3a

SHA1
a8836dde0df300904b92791c9f305b5acb99a488

SHA256
9ce162c293d444145594a7c2d21a615c5c9bf62e59e231383d941ba5fbee913e

SHA512
c2d7b0b36294dae0693960592a0bc4cd4400498259a8708f433395dc9dde800167fb6e42385c34346658278bb49df560e03167ad4061af6d9a8ce965699cd5ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
bcf05cfd805f330d38a7c039bae65faf

SHA1
4c30dbe6caa5c04c6f7553890d6c1a1982bac9d5

SHA256
4b6aa5921e7db3182ad9a8f47c1cd123c93ce945122766fa6b8e0666cb625141

SHA512
6a8b1a530136117ea3fe82f6535c3b44604b1f9f804098b2cee8c7a9b4facb09be25b5e58c75a68841b81dc73efb243dbce177d33b1e8f3627bef8b58b026866

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3f77e179336cfccd1aa32ca70fdb768e

SHA1
50301f5bbb2feb3292905e5fb891eb631ba763f1

SHA256
c1cb0fc2da6ef92a1cfc2d1217ed89d621739c4277b5e64da33bd8bc0fe8b6bf

SHA512
a839aec23abaef537dc90267ce6aa9f5a9c5ea563e3c4ba5cd2e50289cc130a6ea6c3ab1479c8cb6806262d9eefa913ed869e8c90e9baa45602c68d80e90fe88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
352B

MD5
2dd27c09f2ef319753de123b6c8b4edf

SHA1
f017e174910d8425e0bf614051a1f7fd5f1b2baa

SHA256
4b0b2d2fd88a1f18376b967811ad8ab8e0cc15b182e9ece445c3d7383fb76dc4

SHA512
667f8a23f1e4040f31e15cb2f57f3d9e6e5419c7c4f321169ca8bd9f35e246e592421d68aca48d1a9dda4f044e7c546f3bf88f804567d1a0fe8ca2d61c36e54c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
faa29c4cc32e5467ab63741438b3375d

SHA1
20d808924cfecb4784b3c5edcef072fca27c1795

SHA256
abe615c152b4bf4038e45b87a86e9dbe28fb6835e2a8f888ecd93633f60f85cd

SHA512
10ac27b898237bc0fbf0c4777c45e33f873f6d8f81733a2cceb3d4ec6a1d945e10f424e74ba08063fbfaba1e54fb27ee85c8a824ce994c812f686d6d70f0f367

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3952572bfe2efbcc6e4bf9cd8234d720

SHA1
1e0c5aa8418ae682f4b4608ee2646d6234eed714

SHA256
7a285caff90158bb71e9ef76f8a9554762987aa9bc9cf768c304079e8ff07785

SHA512
5682981afa3f2bfa30fa3910eb7ea287dd30a934872fb68cbf3b649c47a0fe00afb95e144e15ffde546c9e3cf1eac8ab8cadb1d8f7ed4a5a3fe3ec086a41451e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
dcd12788750d57d526d3f34b6de83fc7

SHA1
2d5af21ca93f068904b44150a5f7b2c9ecf2b533

SHA256
d2211596c74f52e3ccd68014631f7f77a610978d6eb732845b504fe0923a7a05

SHA512
b81f434639bb5481d25f9241668b3e1f0929e9ae3e048012b3715c465e1a65596f887ad06411f048d9bf3c2565d6968796effccef81fd3bed88fea1a7adecd64

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2098e749121f87e640535b56f7f7fada

SHA1
ebc36bd7839c94d49c95394870e6c54370258142

SHA256
0cc19bbd59fcce7879572ca7541037b89c6222fa14b084af616fe93f0a25fb73

SHA512
1efa4a71cfd9d9c33f186055f8fb2b968eec97e032bacc59a5d1c8ded2e38502f30bfa42579cdcba0846d9870c5a34320e3fab52f1d1b9ad706cb171b2ec1834

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
31bddc87cec02ae51a0b0760919453f4

SHA1
9eb6e0dd73d13d3398164dc12e8a1fda5006e7f7

SHA256
f0ce303da8c8e5c4d05a8de5aab268485529fb53a81bbf68e496f579ac939e37

SHA512
6d6d7ea2a55cdfac4fae18dd24afe7719ff6843a86fdcddf23bda24c8043b26581ca45d47558e8f2e0cbe5d38b7e98a446095c069490fbbe4874b9bd7809547d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4398da5cc1381a7b77bfd4a17da5f1e5

SHA1
c3c2d18c85d4079580b92631f76d63048e7e81d6

SHA256
f14d3beb31dcac3b630edc2b9a109fcb17f1724a5eed51107bb3e4f79e4f2195

SHA512
1a5a6d01213692da857daa906925c9b7f2fb14a5b3becbb646c1759928ba4cd3f4a7d4f3a1f13846cce47d2e121de6c30882c46bb1f282089b7f26595524e2d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
02463fa400747cb45d26c0bcdf07c7ed

SHA1
51c86a256cc46d6ba4416e9763a413da4856fb19

SHA256
28ddc71c775d84e59de62718e8160b2e699c9484957fa8741732adb35a10550f

SHA512
e4567d5814fc7f0b4ee6b2cb4db338cd4e2c371ed016221deb1fbf64d985e566e5e61f88da9c7afe3d29cfe7b4ebbd64b9b5d4ff4113c4b26cb01a13ccd9f322

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4532474d754c1d6118401b154e0f90f8

SHA1
098425d632b850f7dcd09dc8fb335ee5ba6610a7

SHA256
e0a49d5c0cb456a09257baf9919733f35553391f67ab38d85089b76765061fb0

SHA512
0605698927d82c00dbc2969094fac3b3ad48e184ff12697a9782b4944bd437731c218518a2ba625878f90e1545fce705723dab589ccdac9868b34369ca3dc883

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b2fd55a2aceaa97fcb4ed93517e7ddd0

SHA1
01a32e603bb029bd301be1b8f543d7952a160030

SHA256
6856b13c2cd4ada61a7310fe844632acb1b74930ffbc94d2344e81b3d3e8148b

SHA512
5e3bcfa39eec3d7e8dbcf1fac9f2d3a2c7eea75edc203e77aac3aad83eb2c1a8f80d428f27140f513282826e84281c1d46fb1ea7665d976d0065c1c7e0826fa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a12adf94154d6791aa377b850f67ce68

SHA1
2feb8016ce0027178e4c676077a14604a42b8e40

SHA256
bd7621c37fe611cf74bc757fa18287ec07df40faf402bcb6e36156db46e5c404

SHA512
5a383aedb11cedbe7dccb8ad72c6e0c42633395f482e8df3b7bdda77c62ca532f87f3aaea12550a1db1c03bb91aff4816c2465f76e5cba5566a0475ad029c15c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
34c135ac2afc6c9e5290e2a7922efd7f

SHA1
7eb3496e81b7e1165b64b133c0ef2b9cd9201af5

SHA256
9df7abb98637a5a0cd0600db882833afd8598e7a2327b0691a41d6a043997fd9

SHA512
dbe8e3e6116679e1e4131e4daa926cb8529943c2fcc1a1eedd61329bb3777663e3083e057299baf8636adf68924c6c27ab3eccda44da49a365d69a759e8bc41b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
474175ea10ede5b7133efe7a1916653b

SHA1
1d17c980103705fe81ffa89633fd7ad141878a1a

SHA256
11a98005501feacf3b19988d9cf3bb5c1b9fe25d4ff277036b4619035394d767

SHA512
4ae6f7d862f4bfcad5f2af163651f003b3d99a51ee4fcd517ed2a4db61168c77cb0878c564223c631a142b66403fd9a26b530d74a12a6ba0abac179b236eba03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e88dbec0311f42bd75449da3082a0ee3

SHA1
96e956e6355fe817a951e71aad49476fb93af861

SHA256
276621d8084c23350a694b5434fecc90932c478b8b6e020ea07f382c294a4a6b

SHA512
ce127a7b7e08fbfce5ff69d86385871c5d6751022aecfc5d3de6f2fbcf4a2be3db1aa9c7d795aad0c3a08c57872288282924402731be5ee8106ababc6cdb8048

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
10ec6f7b361526843290630424265d84

SHA1
0b93fa29f01e9737b390ff1495d7f6dcb733fe29

SHA256
73207230a8c3a6b5d0db1532cef9ec3b0437a33201b51182cd0afd62c74b2181

SHA512
1ce7334c492dcfcb7a1b8e5700efba708eb4b322254cfe12ffdfd4b92b45a532a9a41c34e03a48f8ac6db99858b7da8d3d0ccc3fe7d5ea061431eccda4a52a59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6ebb97f92ab086c07d7ea645ed6ae31e

SHA1
91678a5af9942fc7f4a62b26f874d1820d39810b

SHA256
18e164e283e2bf4d517b4eee13049810ca84218077857110e4008b1e712a1a55

SHA512
231732c6242ee802874e07139443733eb213b72f640f4cf294e89bc84613ad865e2418823a412b1e66fd34f9655199639b1c64e487ee5450a0029b9ba28727f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1f43f6a6faae4713eebe4416efbd6ee9

SHA1
03a7fdeeb9e39191d2351867d3ab2a48f6413aca

SHA256
18a24072cb236f0b04b1089dc6a9b4bf36fc3cf62c14b392cf46dc6b65cfb320

SHA512
b7248a3f41be2392dca79cda0b2c2c11a89f161e974c0d3110ed557dc02f5626e11b7df4646bd93d636c16a5366d6a080e66560ac4fae8542b004d2eee2a7502

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
70e83b30480abac298617569284a2f9a

SHA1
7cf82b914edf13c47c4da86e33b88aeb8bfd5dc6

SHA256
53b7dc6cf2d6e1a65b09afb4b9ce34b1638918636a1ab18439f8aa707e3c4256

SHA512
7460141f93fe9187e2d190f6cc5ab553eb630a00f277e816e09d347f2ce828d42744d46fc7eb442d2ad9b2a6ad99fb81c8b0b7426802042ec993c318cdffa9e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
31e5e08321b1c1ef4d9d42a7085e8fe9

SHA1
9f2fcf4e2cf7b25ff53b5a013ea05e6c62ad415a

SHA256
2d8def4083305df94004b1e8b652668ffdcc99a5db09e319b5768d1f6e47ed35

SHA512
111e5ebacd3dd861f29074141f499ac932b209cb69c7ab27bd2583394e41c5e8469fbbfe4878c04cb918fb4093e200b5d0200ed00badb99e5cb9a0d21f05258c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
244KB

MD5
5fad5f76685421c3cfd8a2e9bd61a91f

SHA1
74b08426b5147745a24cb554ad87aa1e4c46a7d5

SHA256
af057f2bd1dbd8758d67a1a074d0602fbcc3b23776848543afdfcc59a3a085e8

SHA512
2bfa48dad82d2748778c3e770ddb2d32485cc462467fbe3d4bbbe05318261ba16bfd557cb81d6d7e335cb81b627c5167ccb452db81654752cb763924752f5ec9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
244KB

MD5
32adca15a4b62c78adfa0e990ef7e90b

SHA1
114fc5413f058a20d9d25091e568fb10b9c3f5e6

SHA256
450b13d0225569317070bbb8b1d52376bd70069b7a7e3dde70a06fa7c602217b

SHA512
cd6a2aa8bcdcd62658ded0bce3125d099332c80a51874f8be183d999d5cd79ce65c6f0e148a6bbf9cab3df66aaa84b4a3e3460b58dda50ccad0f802cb14e7a2d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4772_1243454252\1dd58f32-4f13-4136-8a1d-45065513e6f1.tmp

Filesize
150KB

MD5
eae462c55eba847a1a8b58e58976b253

SHA1
4d7c9d59d6ae64eb852bd60b48c161125c820673

SHA256
ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

SHA512
494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4772_1243454252\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit