4f07343768fa1159c166497ad325f6c252d15236d98fa1e8be86415939e94bdf

Resubmissions

06/03/2025, 23:21

250306-3cg25azr14 10

06/03/2025, 23:18

250306-3artjszry2 3

06/03/2025, 23:07

250306-24e66szqx8 4

Analysis

max time kernel
600s
max time network
600s
platform
windows11-21h2_x64
resource
win11-20250218-en
resource tags

arch:x64arch:x86image:win11-20250218-enlocale:en-usos:windows11-21h2-x64system
submitted
06/03/2025, 23:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

profile.js
Size

113KB
MD5

d6dd31741815a84eef01da448a52dd54
SHA1

a5b965a0cb74fc5c1cf0fa5460f7109c2bc0f271
SHA256

4f07343768fa1159c166497ad325f6c252d15236d98fa1e8be86415939e94bdf
SHA512

bf97f5bf8b0db4457db67963dc667e15215d86fea294d99bf9ee666b7a4fb1d1a74482ca05fcd51638ced1807f73019eead6c41225282e0638864cca2410bddf
SSDEEP

1536:kxdXYb25o211qRTd5w0EwVyyhAVPynhOPRmHbju2BcJWdYWS/Rn9T:kdXYbS1ynhO47jlS/R9T

Score

4^/10

discovery execution

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Command and Scripting Interpreter: JavaScript 1 TTPs
execution

JavaScript
T1059.007

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133857760893361147"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2287204051-441334380-1151193565-1000_Classes\Local Settings\MuiCache	MiniSearchHost.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3308	chrome.exe
3308	chrome.exe
4940	chrome.exe
4940	chrome.exe
4940	chrome.exe
4940	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe
Token: SeShutdownPrivilege	3308	chrome.exe
Token: SeCreatePagefilePrivilege	3308	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe
3308	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
6124	MiniSearchHost.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3308 wrote to memory of 1436	3308	chrome.exe	94
PID 3308 wrote to memory of 1436	3308	chrome.exe	94
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2140	3308	chrome.exe	95
PID 3308 wrote to memory of 2176	3308	chrome.exe	96
PID 3308 wrote to memory of 2176	3308	chrome.exe	96
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97
PID 3308 wrote to memory of 2484	3308	chrome.exe	97

C:\Windows\system32\wscript.exe
wscript.exe C:\Users\Admin\AppData\Local\Temp\profile.js
1⤵
PID:1396

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=4068,i,6925591690600939166,85426131164229687,262144 --variations-seed-version --mojo-platform-channel-handle=5532 /prefetch:14
1⤵
PID:2216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xe4,0x108,0x7ffbe85dcc40,0x7ffbe85dcc4c,0x7ffbe85dcc58
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1744,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=1736 /prefetch:2
  2⤵
  PID:2140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2112,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=2116 /prefetch:3
  2⤵
  PID:2176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=2200 /prefetch:8
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3132 /prefetch:1
  2⤵
  PID:1608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3152,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3296 /prefetch:1
  2⤵
  PID:444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4488,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4508 /prefetch:1
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4656,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4648 /prefetch:8
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3732,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3840 /prefetch:8
  2⤵
  PID:1308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4632,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4928 /prefetch:8
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5044,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4688 /prefetch:8
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4916,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5036 /prefetch:8
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5068,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3768 /prefetch:8
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4532,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4860 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5168,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5396,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5416 /prefetch:2
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5568,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5408 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4676,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=3104,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:5692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5432,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5536 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=3260,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3764 /prefetch:1
  2⤵
  PID:5920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4420,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:5224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=4704,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=3236 /prefetch:1
  2⤵
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5220,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=5100 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5264,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4372 /prefetch:1
  2⤵
  PID:1108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5364,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=4508,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=868 /prefetch:1
  2⤵
  PID:1780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5648,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4520 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=3148,i,15824262820630873867,323650972678914279,262144 --variations-seed-version=20250217-180411.635000 --mojo-platform-channel-handle=4576 /prefetch:1
  2⤵
  PID:4944

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3400

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4972

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=4788,i,6925591690600939166,85426131164229687,262144 --variations-seed-version --mojo-platform-channel-handle=5188 /prefetch:14
1⤵
PID:5336

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=5088,i,6925591690600939166,85426131164229687,262144 --variations-seed-version --mojo-platform-channel-handle=4360 /prefetch:14
1⤵
PID:3664

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations --always-read-main-dll --field-trial-handle=4248,i,6925591690600939166,85426131164229687,262144 --variations-seed-version --mojo-platform-channel-handle=4032 /prefetch:14
1⤵
PID:4512

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:6124

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
d034df18f3c63256c916ba7aa2b3d334

SHA1
493b72680e6e72459d483d24a220fc17e04a0e4e

SHA256
9ab7f2360ba6241793e5640cbc661e2cf78d2acd1cfe87d88c73ad706fedcfba

SHA512
f6da88c1a44b5b6ebc032613e6f0c53fe7cf65acb16ca22d8f5acd948854d676d8633bdcf7cb8431c5894ce5542734151b1854aeb4e52ac7395d36d76db8949e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
51KB

MD5
eb43e1986b4decb2f18b87705230b3a3

SHA1
3ab15041ee2e20de935c10e036c706a47b8270cf

SHA256
392756ba1e4923bc1b92d3f668d1713d7fa081e5c67a6d0cc27f0585b2a57663

SHA512
d9c79fcd526454b83078f4c1c153fdc08db204873e2ad2f95eece159ab3f06023951632557a8d754b1c2013cae3ddd3a45e66a737818396399b25674abfb8a4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
51KB

MD5
7d35da69b9e5129cd647c0ac8d552909

SHA1
792c141b870de791f215a44cebe89577c4136155

SHA256
2252406843819dfaa0c9cf83b2e4cd5977e78e803ccedbeaaadf2c5c83e782ec

SHA512
f7cdc209420b10f56f77e14c049a3a264b444ee09a431244483ac9feb9c2d886a722b3f1cbe78fde99fa43f7789332816b0d394d225b35a71230756ccf14bf47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
106KB

MD5
ff06ba62793064245a4faf8dc9cbe004

SHA1
540b3086c43ec161351733b200d2d898a50944e0

SHA256
bb0b3ebded100eb13e6a467a136e34db4c99229c6f02903e221a42563e129978

SHA512
0056b8032204af46fa461a6db771bf84ca19098e3561a3fa896f6604f7805757d261f0af98d78db27538c1580d06b4a25412cebe9fefbc9f5aa4f4b988d07c4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
118KB

MD5
9e12ceee102a850c92db739fb4d46054

SHA1
1a5bbf4656ba08619db360ee3a57e01d37d13afd

SHA256
05b5e7c75868b872cb70ff90a8b46ea8ee9d38921b166e6fcc9bbccd0a53878b

SHA512
b8b4b6ae04ab40a837803d11197bf3bd5d90a633b788b8a4bd85fc82d2d07987a50e712cbab9ca442bb223f5b1cf1b3c07512d416747c4904cdc88a9ecdfff28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
142KB

MD5
29bdde935894aa48f1ae60b3c5d07197

SHA1
eea83f29e0016a8854d465d7b2a35e516fd54b22

SHA256
29aba314dcaf3bce6647205bafdc5667902eb9d6a8ba267c3f1047e44ee87edf

SHA512
1d99d494cd082afa92805889e3f50ddc0d00e873ea792df7d31f004d891929f08f73eb28363307e7b7c9aaa4955a2eb26dd1b90a7b40a7c0d418546e5719a30e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
20KB

MD5
6d792a2cb0591c3a07bb914b08634b1e

SHA1
47be01b0ce689fdf97d25e25ac0d1259732094df

SHA256
abcdad921a838f68831f8d4c0dbab103a45ae655715af22af4027042193c8ed4

SHA512
5d6656b2cd7de811172f6713756594646b94e649eb64d934435b6b6cc04e4216834b44369c454c0ee0fdadab4c2fce890f785d58867398a6bd909037a4def447

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
108de5110f7ecc78d58852db7daa75b5

SHA1
8c156e5cbe7af8dc180468e715bd14767490f95c

SHA256
3fb369f228b17197245e33ffa9b827f80e928b6bf1e8d3d24f437ae9a4f88a1e

SHA512
f1258f140f39d6efe739061b4aaca45be91dff60ebefb858c192dca233f7ad0de9f46120a2df863391925614e95cdeb5aa4d6103da7714e428af8eaa9f9bd65e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
866503498ae49b049f3b12767fa41d2b

SHA1
84e08ead0ce4f33668f9733bdba20c22863e9f0d

SHA256
6c784c7c974a61eca9bebfb67618ca11d920ad74bea59a3feef555f7eb6cd3f8

SHA512
c42ca72ddc5154b56e5153a9c5e63a8eace85a6a0f76ebfc7784f5772198fb9d44d7049e96765ff30aaf382afc83188e155ed0f541e1cac7f0b76f88eaa0c74c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
d929de91fa1bf57c19a74c64aaf27035

SHA1
14543187926df7813afbc7e9ebf42fefbe2d5fe3

SHA256
8048b44d55e087402ca239721ed85a8027e8d54502a1a1962a23e4f68f1d16be

SHA512
4a4b768cae20656b18d040eac6b918d84c75f4dfa2e5faa29bacfdef75df5c4cb9ebe18eacf17f1e69ae29cfdef317ad2c08a8dc88aee918bef02b7e7036934d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
f1fc44471c69af4de76d25adcd416954

SHA1
4784db1d7d5f415837a30e986c402a443b01fb87

SHA256
338936a85a17f4eaaf9397cdaa22044cc3ea3ca309c524d3c6ff1496487e7cb7

SHA512
1f4ee18eb6b5473e7de3ca56c8c683d05888f73b206410c493df5302640e7ee3d9b0aeb23e0b0d1ef2181073f92aec062fc3d422d88d9e4b1a07a3cf00ce8b07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
c8d0380f86077d58d107a5781b8062cd

SHA1
61b002c76c9e499bb2d4697cac271b070f2e1c83

SHA256
ea7338f4cffe1ba18ad0d0b1801a0b896ddaf1f4f2af77de22145a659327dbe5

SHA512
52c6333d19fe3a7136e529785db350e8d8b1ee12685eb854a2cf7746fd8050c209fa91e044c6e057acce36b51a01846429fcef61be0353c0e1429f4e667a947b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3ab52daeb7461a0acfe78dc54d83f11e

SHA1
f8c09298a6925c95738a5a5d3b115b8794b68c45

SHA256
e9e369bb37d6552db202c2fc2e9b745a05b2d8adbf03b831da99a3e0d1ab5740

SHA512
5e416506c1a3e4fa1b9c109be4c6d6dd48209428f27422395ef3872beda1917bf8cde324f4aeb5b864c18ed92a22856a9db1c9316ecec8317fc238218c409797

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
fac56e1506181bb90ff1469e163de9eb

SHA1
fc0b7c83af78132a02c459ed116356ed23e44ee4

SHA256
8ad068e741ebb5e07aaba284af118955ac9dd06fa18a9e4f890a910adcb25394

SHA512
7ce8a1a518400aaa489d46d8749c419d4b3c341aa163de8d2a545efeca308edb96fdc0e14cea99108d140e634f5b458ccabeff9cfda5862b31e88761c3a152c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
41a2f5473dd832d965823fe956b27108

SHA1
acbe08c7bbbc6450ea7a60fe6106fa1a87584818

SHA256
5043ea3c4e957b153137822f8e61bc13abf53274e7c96f24573f87f21334183c

SHA512
8ea4a9401ff0433cada82a2e3cec6375b03ca5f041a7b5d72deff0c6b91dea803fb48273394b26d4aa0bc0729f064fc4684205d4375058b6b5d981658594e87a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c79b8e3b70c8ac6905cb94f8d2d8490e

SHA1
6f429040ad38f4629f7c9ff7373c84b8f846dda0

SHA256
039b1215c8daca989b98ccb3fd0d7d7cccee522d09e34ab61900d2408607971f

SHA512
b8b5511883e56de937b8df83a956112e9d4781c5955e1345b7ccbd408ebc0a9af4dd463d94e723cf972284f10d3838dad6ba48ad5ec63688c3e70a49c200f6b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
188bb798f72851f0cdd2cc31f2a0c518

SHA1
023bee9cff05b47d0f41a80cc0dbe749d8024c74

SHA256
1733b7c9e6a8efbe2d806965b15ca422b49187d64613e0d4a108a0bc425848ed

SHA512
6d5e9494fe98c2994bbd02901a44e772495a4362f743927541c39aeed2f831412d66b1a22b112a5f364eb1abec2b5297cbc009c51f85f49ea468c275b56ff2e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9c0f6aab75194796c8e0b28b71ac13be

SHA1
b52baad0ceda42371971b5e3b14b8a857528eaf1

SHA256
6b035cf6b6c588818fc70a23d7e98605e1f38ec64101f747f651242d5020b6a0

SHA512
245dec5289c46f5657237068c3108d5d293d1436c1216a97c50ee4da1a762ec6bdcc6be033da668d72cea222f9bf2e129b776fb807ee4f96f3a6627d6af2796f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
517450f903322962b3c433539672e4b1

SHA1
458e2824b33a105732827662d6f88e2141dac307

SHA256
234bfd8ecdb0adebbf2c718c80cace7f7329a40e709c6b15c40c78c0d8d4ba2c

SHA512
a1431c649d0d8f933f6a2d84a309ea0d52674451fe60ae7da42b60cd545cd92c5dcf31b6c7b4482a2a4ab758809385d27e09dd64e5c982a1916f1bce03ae5362

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c788b713fd4a2296ba0d514afb3f4edf

SHA1
03d1592b4e5f4ad3d208d0b6edafe6f2c35dc7e5

SHA256
82a48b8c5df1143dc9ea6181473f77f361f9d2f41c2252ec3d634580130bbd88

SHA512
542bd325fb93a0c27a167b8408f727dcd80922336082bffa6f38abd1f18d118751498a6283c141b602e67e5a78a8d21edcb0e72f6d0dd56d210194bbdbd4fc43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7ba34735bee8abb44161a8a0839ca540

SHA1
e52090df0264875416628f9c34518ec15bc6e740

SHA256
0389baa4ace381b4fc8a4ff600cf91fb907010ce40cbdfd49deea8eaf01d23a1

SHA512
4677d073a402568fb4be3a7c852b9f89221115bea9c1ea2366e483ea6ddad618537708d71ee009cc7a20c9d7f1f2ab36f60ea1baf00d665b69a976861f1c4804

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
c66db927ea768a815c4accd161d740f0

SHA1
9c470574dfc3f899c280976151a98cb9e7ae1b77

SHA256
52522102c980aba0aca218b814a6d34d8dc7dbdedd3e680241a0c2eb0ac22541

SHA512
e1f256b9e05874eca9b857cdc530e4429857419ea1a5ed803b5cc1eb5b31a12e9b86154fe5bc0b49bdf739194d4eac274fc0e7961e6416df95cb265acf2ef65e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
c9fdcdc6df1f8438e87f509d3437d05d

SHA1
d8b25b14950f0d047bc0ebc644be52e6c9b46631

SHA256
13307142a34cf4859e8d2481c38abebee4d01b18bddc93e42f761ba85f0edbc9

SHA512
0b8f633a5c6c6129d3b699fe21bd79d381652ee588255f363f19ece11fa0c02e3c23079d530baf1dacc61d9c8d061506961081825e801eadf46c6b5cd604492e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2c7169bb33226a7a6a981b55fb5de0c4

SHA1
d9ac69181d2afd14c6c235d3be9c1314cf46a8f0

SHA256
45d493236c5aefb57fc847fb8d3ddf6244c72ad60c4053875844f5192a8a0bf4

SHA512
03b472b8d23bc7b5f0e5e7e58d92254271ddf43b43ff4e5d5e5bc7bee049baccb92f641e102054aa16c6c0842a6a83fdcfd3102d8a7b2fbf651cd054a7cf97be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
f4f51705e2b29dea9f861e6a54498165

SHA1
3cf6696b36c3828496dadd1f707eaaf7817e402d

SHA256
7e8c8e995d5c80301178f6d8ad7120c041acc90c2d95fb97b532704ef7e53436

SHA512
7c182c2a723e50f79c28d4b261bd368dfca66de0c2d3a1e1c496a749a1e81c9a450fae8764e7b3d8a99b0329026353fa60dbd861f2bab61426c165b3848fa060

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
3dd011c3c52e0faa499ab876bb3a2ff9

SHA1
15826de415917e3f0ea830e7df04bbd55f521584

SHA256
f1a57b364fc7d1dd4577d19eac687fd64e25f5c551b9685505abc122b2f6be72

SHA512
bb728fca9d8ac1041d7a7c8d186d9eaa944cf697cc32e953816900911a6667de753900811180338904d50452c81e79a59be062afacc34a809ac131ed8161cb44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5400e52da39b004e94c19c0fdaae69e4

SHA1
8683cc6686c9a86366044d4d4980c69e4ad63460

SHA256
e860491145da275e91fb97cb867fcaefd86e4d55661bb2be372ee1d0a7638aba

SHA512
3eb64c7ae5ac82f059bf9aec5c13b50d8528491d4aa20e9ce3e1be04a83f56a99f102686bf2886d95de15d8df8fd94740800868e0da78c1c366bdd8b68eafc06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
3c98672e9b7bbcec4f03a7f1c340abb6

SHA1
03b8b8bd872bdda39dfaa6bbaaee2326c3d34fce

SHA256
ae4f528774c1f09fefa15f82b850a035ecdae80fe6e54fc9e83286f7f81ada58

SHA512
06c7c53734f9dcd7df1cb830a15debc20b1cf11bd4cfdc3d7451621ce02b24ec35a2af8c554acefe20ff013355966cdd1b281bb90449889ab634f3cedbdd33b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
84a5efd1a1687e4956ec75105bc1424a

SHA1
02bd932280fc526dc1b15dfdec606d236503c1f8

SHA256
671b8dff418248b15743693342d60816281cee889e387825883e31172b5d23f9

SHA512
8bc9458867ea808cb23537631c142ea68139d1a1d65db15b9e132129fca5bc6bf1fdc4a044492349cc779b2a83e03e4b05e2d124e087003c8c02f832c427f3bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
8f34321842f42fd8d7f00f1aec86de5e

SHA1
912cb30c9ec5357ea7d40f6b82fab3e14a9f847b

SHA256
ff955af5b20fd1c40fa33d6d6908bb6de055a6d6bf08a242968611081f1a9f41

SHA512
3a69ac2d7ed09e486a0f5a340cb3dd0f80c81ea5b54733be42ac7eb8f46c1c9e18056f4f544c71dfc1d2d59f77bef6c492f522e95101c565984302eb0dbc7edf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
fbbb2bdce000fb98e431eb1a9b2ba3d0

SHA1
08a5fc5a0be38f862e7f4a8bf7bde4c03e8bd862

SHA256
89d3603286cb7ea817ef612dd423dda57b6ba49a2ddc59e11d35a84fa5977447

SHA512
a85209210085714512db7861f7b5a03c764088469c33965367934e75c325f78780fe1eaa188e982ee38ee74ccc784d8a7c8485dae2bcfec18940ab3168bc8d7f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
bb2cebc60bb4ac2ed19277fc095a2e4f

SHA1
2ec233e5f03bb629a2be4e2d350156be1cd8fbea

SHA256
85f92ce140d74ef139d9ab274fb296ce52cf43d8a0be043523ffa1830545a3c5

SHA512
28031b0317699515ec8ec377cd9f14461ea33ead69e0bffbd13e944d5987a10d74619e98a8a66a97cca5408ac69051d7161a2a95b2aa40e8298b0cba094fbecd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
06afd0b580e9809d221e9d055a0588d0

SHA1
42ac26009838ae953a4d15837619ca00a8aa38be

SHA256
a4862fb21c2e0b9c475f404cae18c7ee9f7753e9f773cc6608bcebe1bdcb32dd

SHA512
e7b802329d3381a7f6ac0b857220c7b533eff935ec4cd1a5a31d12d4369d6438129b7c1a2d8c19e44b3c58e3978f5daec3576f7b492a627e0db5cf06b66ddc1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
c0e051eea5392f78ebc68feb8081a577

SHA1
3615f11e6decf9af38c2efa459dc88c8b376abf8

SHA256
151171283a579a306ce4d48a934aed504270ce350393b38b2437b06a7bc9f495

SHA512
8cc200720ea6536dbb32a23180317a54540ccde8fc84bb36ac15e72ea0cbfa700aa8c7fb6a29390db7818d538dd6340c057a852c2016b63f59e3bc2cc3113adb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
9bc938a62d95378169425f274c9a4451

SHA1
43f2791c21a2fd188b332ab57681021c11b1c816

SHA256
c2204dce3baf7a4cc3898913758b5eb153e88416d11d55d5a01186eee96f2012

SHA512
23510c81b20df87c827321ae8883458defc594920bd58da87171d8129648c2588105a04dd05edbbf22caa3d325dd55f64d22851e7f6436e47b30c2fb8d7c115c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
b86040fac3131f70e65e725196e7a1cd

SHA1
49d46ca911fe13afaba92889cca259304857a342

SHA256
3209b0de8ac5fde844d914444fec6d731010b59bddb6c5ba138fc26d0e81f015

SHA512
aec03990c080704dfc8ced81731e8b7343a4787c873d27afb55489927037eaa54bf215884d680c54723bbce7e4f412b10f7eaa3300fe5b480ead8c35b6ac2c60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
9234bbb8da780c76feca0ba1300b4f6c

SHA1
ea4f6b21f0dc47803ce962da757cbfc86223c60a

SHA256
cb32914c135869a3213028f1f0ed22eb4e7ff511370e43d03d78d1b58ad2067a

SHA512
c29ed87cb8af9112ff48abee7aae1876d7b1295393c74cae4648adeac98a291533f98f812759a6dd44d135f46f1ac432c575bcc57ca9ec973519026b55d9a7ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
95abc6e66e88f6354ea66154d593ed9f

SHA1
588012af8ae40e83f7f145a23b0ac6d2c7aba258

SHA256
830577544bbdbb252d711e7fb29c8f8c54fe8244d53e9e31a3dfccc34167b3bf

SHA512
8933ccb19c98ca3c7891970448ab025b8c9334edf26cddb15530f87fc86e760c81aebf0c4ada919b3f855c518fd54058145073e70cc3a43b455708dc50a6da72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
58620b433e8f97c0e820a5f62e927943

SHA1
30e50ee22e9499c6ad1e56a346eba6e250b05c1b

SHA256
644a3c2a0829260b945b39b9e8ecf633fc80fb0f1fbbf7a92fa99e7916b6a679

SHA512
31b6656468048a93d3af8744eaebceac754d368a2e17b49b3d1a310359068f1da5cefdcd138c18b0cd82f25ffb9e5dad671d632b916e51836913b8475ac7596c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
103d7def55f78d5ff373a14b5a28bdba

SHA1
20116c4713ba3cdb5d85750f478f2ac6df202e55

SHA256
f77713ba41b258eb6ebaf0bdf06b47c9cf43f1c8f6d9b62d63a8f8cef329eeca

SHA512
385332975b2afbbf43fd4733f1ef8c119a3e1485981814edea9513b5f2edc06c03c97347efdf532ece27883cb6c1aab4f74f273f4084047c52b64edfd1e5a79c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
254d342c859b2f223878121750e01b87

SHA1
ffb4fab21f5c32ab09a3268d272b56a0c7a3e534

SHA256
3ca2616ad568809f4e8ef72e888cdd6c12bc9f888291e5932ecc6c3c3d94dfa2

SHA512
e923763841af64d69539f5707d721ad8f7743ab5f333d789bbc7cc174f6cafaa7799c65414bda57d441afa3d048cb25ff6df3d58593f855791210f1fcc184729

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
8d9f1e110e3cda336c20f12e93f7bb13

SHA1
2c31a9927908f5e16baf3685c581500f8efa32e2

SHA256
455c93f405810550527ae3280e8bbbdb4c9a063e22655cb536c9bda725e5da12

SHA512
e2347404f229363e101cc67959bbde93cdbfb26a86172fa12c55b2a7d3e7e048d440e74f8375d159fa905f310d6b4290fccbf3ff576990095eed0cde19f7cf17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
245KB

MD5
8645a62a68faacd2ddd0b9b722ab9e18

SHA1
9002fcc6ff1eac5d1d8ae442f1ac7e3cbd978489

SHA256
12fd61172fae763ecfc1db36033786870e17d9aca079b1abcb2181d08b5e4242

SHA512
a2c4107813c3b360db955ed24808568022b8311c368c22704af863acdba4e069e34fb31792f41b0cfd9f4fbbf7d78d37ea155e346c5ca89f278bd164b673fe12

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
23KB

MD5
730e3892031e0e98dfa7f3582e8a2dbf

SHA1
a0f841e025dd0ca6b241acee06d3a430b03a8ad9

SHA256
0302813ad61f2faa7c9d85d55bb9aca82e1d307c993431a05ad66b2e68ded905

SHA512
7bf144bee803e19fa32a7a67dfc36d0f9cccead53e978710c3dc274d41df9bc83e83dac977278ba6a41758d3131c5f8c293665827de0e64c515a55bdd4b3f4dd

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
23KB

MD5
fd170f4bceb2a88dca09f9f5cd78f8b4

SHA1
6b0d817d720fe518e18c3a3e567534226d194a5a

SHA256
5fb7394a5cfaeffb0f4e78e0c0c90884babf86245644bf828a65d2a22a286801

SHA512
465c4a6f6babce458d94bc0ea17511c334936ccf4badda7beff267ad3a01fc2f798baf09afc170bf54c85e603244c19fccab41f0ff039e85bdf1927aea25d14f

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3308_973945245\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3308_973945245\eaeca148-03ac-49fd-b2ce-9510aeb2e3d0.tmp

Filesize
150KB

MD5
eae462c55eba847a1a8b58e58976b253

SHA1
4d7c9d59d6ae64eb852bd60b48c161125c820673

SHA256
ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

SHA512
494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit