hxxps://www[.]roblox[.]com[.]by/users/168392121632/profile

Resubmissions

09/03/2025, 18:22

250309-wzzgcsxwds 10

09/03/2025, 18:18

250309-wx25gaxns2 10

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
09/03/2025, 18:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.roblox.com.by/users/168392121632/profile

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133860179721782635"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1294999112-580688058-1763548717-1000\{EC468ABD-4563-44B7-BFA7-BCB1FDDBFF33}	chrome.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4176	msedge.exe
4176	msedge.exe
4924	msedge.exe
4924	msedge.exe
4712	identity_helper.exe
4712	identity_helper.exe
5900	chrome.exe
5900	chrome.exe
5756	chrome.exe
5756	chrome.exe
5756	chrome.exe
5756	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs

pid	Process
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe
Token: SeShutdownPrivilege	5900	chrome.exe
Token: SeCreatePagefilePrivilege	5900	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
4924	msedge.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe
5900	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4924 wrote to memory of 836	4924	msedge.exe	86
PID 4924 wrote to memory of 836	4924	msedge.exe	86
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 372	4924	msedge.exe	87
PID 4924 wrote to memory of 4176	4924	msedge.exe	88
PID 4924 wrote to memory of 4176	4924	msedge.exe	88
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89
PID 4924 wrote to memory of 4448	4924	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://www.roblox.com.by/users/168392121632/profile
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff91eac46f8,0x7ff91eac4708,0x7ff91eac4718
  2⤵
  PID:836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
  2⤵
  PID:372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
  2⤵
  PID:1112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  PID:3040
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5476 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5472 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2092,4251984819687054159,5502839813228306678,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:5128

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4248

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2452

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff90f87cc40,0x7ff90f87cc4c,0x7ff90f87cc58
  2⤵
  PID:5968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1912,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:6124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1944,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2120 /prefetch:3
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2288,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=2460 /prefetch:8
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3160,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:1708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3208,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4548,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4584,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4692 /prefetch:8
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4860,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4868 /prefetch:8
  2⤵
  PID:5144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4892,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4992 /prefetch:8
  2⤵
  PID:5176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5124,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4732 /prefetch:8
  2⤵
  PID:5648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5324,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5168,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5160 /prefetch:8
  2⤵
  PID:5804
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:5816
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x260,0x290,0x7ff6022a4698,0x7ff6022a46a4,0x7ff6022a46b0
    3⤵
    - Drops file in Program Files directory
    PID:632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4940,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4888 /prefetch:8
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5336,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5040 /prefetch:8
  2⤵
  PID:5892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5652,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5664 /prefetch:2
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5160,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3308,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5088 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5704,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5780 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5504,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5104 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=3356,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5436 /prefetch:8
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5136,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3460 /prefetch:1
  2⤵
  PID:4272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=3156,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4516,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5992,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=6028 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3240,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5960 /prefetch:8
  2⤵
  - Modifies registry class
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=3276,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:5952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=4492,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=5164,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4880 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=3472,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=5848 /prefetch:1
  2⤵
  PID:180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1116,i,2945827004283292335,16131250714922757343,262144 --variations-seed-version=20250216-180425.389000 --mojo-platform-channel-handle=4456 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5756

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:5244

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5740

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec 0x4ec
1⤵
PID:2412

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
2716c0369f23edc4705dbab3aaec0575

SHA1
84a8cf278a2a775bcd433841fe1a4c9b5384e7c9

SHA256
beebbae43545718134f20f9bf6e9eddd294a9241032df734c1444dbbb206cc47

SHA512
f4ea8741a2494971dea7c885b85c2f31f888b8f731640d3bf9e51226ebfdfd414e44a8ed343dd71a37d0d79842af75caf98f5d41ad76e209841d5baf0ef90973

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
71KB

MD5
2d5b452e2c8c483d5a93f7764f3c27e3

SHA1
bf8cf58de6e58871a5eaa9bab052a1750a9cef61

SHA256
0d4caa8036947c4d1e0a21c46bf6de7913237d581c6a9e53ced77fb377de0046

SHA512
8750a7ce771731d1870b9d569a9f3df0faa67eb707d4f64171db069198b11b3254dd2bc50db061560ace5988603102cb0d5350118cce58f8e03a8f95acc1d4aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
416KB

MD5
90f6aaf502550d3eac4b614e1b8bd51f

SHA1
2d1afd65a250456dea6c67606ac3fdbca980264b

SHA256
949bfecee91daf1ab9c8963ed92e7f23ec9af5e918c06e5083a35985b0f5d338

SHA512
e1d64b62c0e5c61133b5c77022a70afea7056946b9b00f7f828775d6bd969bb9f90c325569dae31bc80f7cc70630c82326155f808dcb30c14389c35d2aacdf60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
78KB

MD5
b53fd19b0503aac0dc4862ea79a3631e

SHA1
0be49e4562c5f2f41e02ddd60a1f0262a0292b26

SHA256
491367e10aae3c105c4ee2fb546d22856155703985ad005a4b6c0b0d2289bd04

SHA512
b92efff8fd5ba178ac0143b61f0a42986084de783cb5e7500356f9ff1620cf9959b39fa3d111c57bb2a0a93e89cef095ac19e33303e2c1ec152517a509b3463b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
28KB

MD5
a0accabe047e77519330a2ae010ae161

SHA1
7d4f2fd1bcbedd986b7b1fc42a00459d0ce457f7

SHA256
36f3da9486e1a088f88a4a61af7c87d1d7e561cc79882b5d359cac235f121c4a

SHA512
9131a74fbffa0a89254de0004edb141eda82ab488d3224e8cf5f0f36a919301b8c1a352ab56b04812a5e05d46c328ce7f16eab44d9e3297b681214eb96a62d9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
67KB

MD5
f6e375b98029cb78f8a0bc04fd37f097

SHA1
2a77fd4c10aaec7b7dd549342ce3fb4d117e8de7

SHA256
9c553f40a5efdd2e981272527dc6c050b3b24452d2408a23c235b384a344ee32

SHA512
b5ce2a70080ceb81e758f7aa55a87267b9f7feb23da0ffc557419419c20ad2bac3712174aafae5f5f677855b6ce5055a75f91dfcbfe4aafdaf11a6d905cb0329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
97KB

MD5
19d2a8337a076d6451123701c6afd767

SHA1
46da3a8895c0dd4bdbccac33d081980ce6b0fbc3

SHA256
2e3cd814c9b4fe8796bb1fd57be7b9a15566371eb25686ff4873fccef1e91887

SHA512
5fa9553a90e7aa2e76b6313057cbcff55a3e3e965d4a044942b59aa62f05549eb3c1a33924cb6795ce3641745bf2bac0973585d5d930ec4b198eb4dd9f505e2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

Filesize
117KB

MD5
57df516c56224235fa3e2ccafdfc6719

SHA1
f500696d071549aeb6d1cb0eb26b2ccf8628ad90

SHA256
d89136ec227c3a1d024827ed2aaca5a9fc09ab3e99e4614d6aac09aa7568a10d

SHA512
76f6e1c2b8b8b4d0fb7eb777f41408978d985b283ef04ad2963f35ffbc0ae27ba555352783eb9ba185dcfd60c15ffc20bf364e9507405c9797e24d98d8662f3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000044

Filesize
29KB

MD5
f85e85276ba5f87111add53684ec3fcb

SHA1
ecaf9aa3c5dd50eca0b83f1fb9effad801336441

SHA256
4b0beec41cb9785652a4a3172a4badbdaa200b5e0b17a7bcc81af25afd9b2432

SHA512
1915a2d4218ee2dbb73c490b1acac722a35f7864b7d488a791c96a16889cd86eee965174b59498295b3491a9783facce5660d719133e9c5fb3b96df47dde7a53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
2KB

MD5
d412e34bbe8f166677d41141d213b6c1

SHA1
ffd191218e826a4c91fa373ead4619c66c89f96b

SHA256
81add24344acabd7530268595d0152964d1ae1cef498cc2393490048b071e7ec

SHA512
ce60ab747ad064a2dcfebe5051b9ff2e191ca89bf30a445defcc7b532e4db00450677faca360c745fbf64018e76a9a76a7f576313e555958774602dc71702fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.89.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
bed7ca99ae203470201fb6f7f3397fb6

SHA1
27bf2d36be15de0ef6c3c31b26206206f62b2923

SHA256
c89c1301833de474378fdf915eb7bdf063ff5ba738444b7d352a6d938f0b2a5d

SHA512
de07e1545951fe98cae78db5175458ff1d236de937b8837754cb3d0b7183a8c28916de443cc00d8a9be56e96807570cb40e4844c40bb0f0c003cb0f2de2f78fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
9ec756c5eb9951646be7d382c5582963

SHA1
2b57059cd3a09f732ba784a3cf8b149d97d7c447

SHA256
3425cd7b53d76ad75f2d4e84b9cd55e1e83bd8483e4cf2228acfe6d934da6c92

SHA512
cf19f781f8e3c4171ec948239f9424de9d6c852880184df99542348e17001be8241ae5295a2b07d2adef0e7852fa1072c0aab3f4ee5f83088e723109eb07ece0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
f2d0e4456ca3700f75a3fbe5f7ce4f18

SHA1
f5f2a4848eea75ff5e4134f8c5784b1e938a58b4

SHA256
87889e5d1d49a7a8a07089103b533a7602a1db7daa05fbf53a4af7315c0e2ac8

SHA512
577511f3847405429951268b164d34277ec883738fc28d24a5278bd342067a69fe3e4ca60540135f1357b3272577399579d722bc1713ac0cbba4296210211a57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7e080e0368b3289949164268352c314c

SHA1
f671e94a49646b76da1eb0053010f8e547696fe8

SHA256
8798cac386fa37deda8a66fdb91834075f9e0990d1216927c45235a7a0e1545f

SHA512
54cb802c686ec095346513086fc1f87ea4c2dd929ab0a10369e761fca4850391add5b0040d3ae72a14f550b847181865f7a6a36ca0dd20d50c100c4ca6501742

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
c071bb60cd3a379d5031b2f795346d0a

SHA1
6f74421a7163b608e0a4f58a2bc31b53dca93d11

SHA256
d0ef7383f9aeda1b867f3e5f1aaf75f35839c1f90a03bd7c0a6ec060896d72c8

SHA512
e1bbb1e2197ab74b55ffd1c338da8d10daad5614d10a3c2e234a3c0b5cbd7605a1447a30e17a82daead6d7e46549661396da2b1beb88624d007b6e49dfa9b4b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1bd033171cb74bd66c4ea67d37baa408

SHA1
97ef19cd0edebc239649c106a291c925730e42ce

SHA256
faa9317bf1540c4690bcfa3c0b9424593af9881ebd08160305eae3f81c816f8a

SHA512
0cef34083ec976ce2846347d07e724ea04bfc1ded2a1c8dea8d08ed17475fa23fc3e24bd0f1aa848189280e07706472b8a4185c5e337104aff76e3a1065f8c03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
19eeac3e26b4f3ca0ec383a1840f3828

SHA1
a18504747913c1c3fac36c73b115244dd2001220

SHA256
644fae7374ae53d890e5b7ba3213ca2745fced21fd606cd287d88fed4a0d4958

SHA512
35ca3d74757f45c7c9a660d82a8ce0a31a7694cef4930f6fd975d21dded09a616028aea39bad3255192e26552da592ba5cbed36c33e4a2571fb00a1ad445b869

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0a4ccfa11d4c6fd1ccb6c643a6d86259

SHA1
90b283231e3fc646e994781bb6d8b147ce0b08ba

SHA256
77531ed553274df1a16cd7aecb926b7c7b90351ddd5c20dbc6791a4b7c043a90

SHA512
78b4a486ea4ed61cfa1eac4acd78d76edcc50a8fb95113166251ae7f2552c8cc64e0becb76f86d7af0a408e20b65ba8b8f4c94dd5175d2a033d6c345d8b03d3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d2915ac4708e6ce3d4971e1622bf77c1

SHA1
fb7f36ee5b27aff7796e8c99cdccf50aabff0ccf

SHA256
18b6923e795d332198cfa118e1a4961f2bba7b3576adbfb048e768d54c10aacc

SHA512
a7e9b524bc3f30c38209bcd4169ab82522e978346f094e321bc721916a8cdbf36e6e5368ec860d596a231368220bdbe3d29097e18cc80358e3b9b7678978f92e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
73d3642ce996eb8e6a60462f2fff54a2

SHA1
97096bd0fef6be503a24876190b56f5df0168e02

SHA256
60f29795458a27eae6c13d5aba83b437a3e88cef0fae7ef3de043f64125954ac

SHA512
4597d830821165f640820cf32e3d7860b23ee2e6fc668fc96164eeaa5180465c53cb8f2db6c91425eb77b98c4fbbebbeb065bb6d4c12fc9869d73744826c881b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ca8adc4c61a45417400b430b4d0b875b

SHA1
ce86c5604620b2c276d2fb6450c14a18bd98dd64

SHA256
fa418d3b0478a42e45e669cf9cbe30daa78c583f6efa50d05854c96b52f0800f

SHA512
2b1f3e2b8f4a582d8b7a8b78a564c231c9720526951269939e4a869d406283edc8174596192c0e47bf607546161eabbb97622fa36a90dd1aff138dd93f8b66f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e008eb2146633d6d1933abb690e037db

SHA1
d5a886bd1d934bd80a436f0c85f6bb7cd934402d

SHA256
27807ee1516596a929148ab628631d9b411c4f9b953d04f5ed06d63b9a02a9d5

SHA512
896ea6e0d3e9c1a0038c75aab97972e04bf38fdf35c24063ed3276be4aef652615be75f411e9ff2b47f11f09bf5dfc2f2c1a4d8fca48483f085b0f2de0b9a4f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
637f8933b3fa08821c62389338d39490

SHA1
77bf6fb09c5e3933ef693b26f93d80a66f76cadc

SHA256
b03a212ce97af7a452192b988a9553734cba53136d1bf8a78de16b22b70013f6

SHA512
cadea8ab324ed2a694da9e1a8e1b67d543582f4b935a7807eed1beb71bc8adfa1a5a0e899aea4d4651de68565c309e235b60bb99f82c760b1d9fce3cddaf0845

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dd46cd2a0c4001f2ef4e6ea5140a7660

SHA1
e1554f2cafd47c7d2854d93e10700b03c6723ce3

SHA256
8aedf25d42fc6e79546b4ebf1a9079a933c9ad4ad5fd8c04d91f32d218fab04c

SHA512
f0fcf1e22298d96eae78691f581548e14080075df7727989fbffabb05c54e5d660982acb4a327b77421c79f83657b60d3e7a0bebb0089211fca7b63d5033cb92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ca2ebe52ee9c3a552cfa00c90860aae7

SHA1
065e3e9e8bb8ae411a6fe36775ea10c938f5a03e

SHA256
6568809351d01beebb46e288a8a6491ce90fd1dab3016b820be1b15c2f50b3e7

SHA512
8c6d9f03c421d39ac84ca375fded34b4b7d838ce1dcb5ec8cead8e6bd49551517aa673cf54ec08bd9421bf8f189998e7a5200ae8a0f9f11c80106a95426d2e71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
48e0452c7a1b99da952c7f5f14308382

SHA1
41dfff9ff3daf14c49f9e34f9d8e76714c774665

SHA256
495ac546e2e91422e09a32e3f81cdf33a7ecdcf142a050e011e727c26400c04c

SHA512
890bc16bb614073a152caca3dc3c83c244cfda5414ebf66162f1df1243368d69ba01cdcd7831167526b1512cc8418e5f118f0204a5dd32a6b588f127b6b86bed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
67625a923a1f9320366da906f87e07e9

SHA1
11be9fdb481a1aea3908d6e66021b316fa747623

SHA256
ab04af2dd3083ea8d94633b9622a38c96dc48b40b145872f7b1af1647bc3bcb1

SHA512
6927d4a5d0da82a7f44d16319a888cdf471b1e21a5fb4757b43fa794a6bf0bf7f1d7193fcbe8e604aaebcc2d6a54f02e07a263be16e55dd0ff4256e0dceb4089

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
945be7e8819c84475bd58c5d588ca12f

SHA1
5f9a247c263b0e1c26d9a6c808c85903ff2b5d02

SHA256
05e77ae5b6c609df35cd64caf4343af28830214cfc5a36e7be26834434962d0b

SHA512
29d9e73cc976c4bbd909375e0965e57e132485116177d40470b35a0f7ecbb3b119ec54ccf0034399f77aea1c688eb0a6b7553a2fadca05643a5b314d069f687d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
13KB

MD5
2e2b6b275481666d1a0189d2b8d32b1b

SHA1
cc7d6b0a2227b7551d3382bc92587a219a8650cf

SHA256
d021c0a8778e7a1f007fdfe8a6de5c8e3995860846662a17010e63a948db6769

SHA512
ffb8dad18d5b7d6e5de07d5cb8f7f9ee3a0f3439913f8aa5e64df81ad5b258c3c8a2e470d2c919615e348d288fc1f094635a113675ff13d01edc6b5fe9e9dadf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\013888a1cda32b90_0

Filesize
7KB

MD5
75fba304bee85e0a538a6f784d4b54c1

SHA1
6d2a83b9a718d40e6473744680cbc0d71c958627

SHA256
ca6e7e3ca5b9229213cba0f494a2bda8d073dbe56ef8dab5a0bcf4f8386c5846

SHA512
0e31d8261672d051c47dd3a820bb34039f59be0b2fd40aa6116dfcf11c3d2cd0f68f50d72abe529b7902c7c827e1f39809191e67316d756e703bb484cc005ab9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

Filesize
2KB

MD5
8a91859542da6d8d9974ad15eb0b0708

SHA1
11793a0af18213cbd6bf7de0f3b8ef9e80c93978

SHA256
86aa4713658a069161f5342ce1f238a2c3cd274170a0b2045c335f9897746d4b

SHA512
4fe3bd928e48d2ef68471dea2252684756c5622c17d8bedcf0494a1b20c740b8cbc994bb5e1c96c6a6b53c64b76e2f618f3743cb91dc7424b83e6318d921b492

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

Filesize
4KB

MD5
87b92997b773252cb13278e0d6bb5ea0

SHA1
ffa00d997a29ab52f3fb032fdda8d34c952b2a4a

SHA256
c455490fb67a0ec68a154d4b85038c6ac6835fd6e3dd3014f09b3a8d0149bb34

SHA512
8e1c07ce739b7b5c83803a150edda4fc1001079c5830497bc6e6942e66d0c4cc0b2bdc424620a1031c93b1351a80fb2483cc08a01e874ffd9361f55602227e50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
4KB

MD5
4f42683639b3dda1f973e697ce62eab4

SHA1
73622cd41b57f0218e5331a6dc87a80b6a0f6421

SHA256
0a15d2ddc0c2279421691a73d96778ababe1a3f3c18b6ae4a7199070d83f42a3

SHA512
661c16849085882eeeb91b35514f57554cfa1a8a6a944c5ee735037cd81a0e2ac726f480828e046d2ecbf4be1877f628343f49f51c7d11590d1a5387b2008a77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\fa813c9ad67834ac_0

Filesize
4KB

MD5
760bd59303e1006fb3f8e8611807dfdd

SHA1
7138965d70b8f17b5c83bec912a2a4610b9c2237

SHA256
94810d1ebe538695d2737e32a55bd9885cab2ef9d1152150514dcaf1b64aa3b5

SHA512
450e1da0905a98ea00bdf1bd0946886d7379bf3b85954a6d317fdb32750cc4aac186a29882c1d7bd9cf7eceaf77e9ec7c5ba4a9f7a21aea2cbe49a4d3cc1407a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

Filesize
192B

MD5
2696b94bd21811af688eb730b3530cfd

SHA1
f0752ef8fbe1864e276c5ca49df5df8f3f756a89

SHA256
fd1d570e5600e79ef9f7bd1aeb2fe81197c63a9bd267df7bbdb9cf73b5b61dae

SHA512
53d345d5f53211b5bd442c7b2a2220e9aa788089d0307c393242eebee1b29e28ef43fed0d393c5725f0e1ed8c32b93decb65ea9291fb8325b229746447b0e28e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
a7bd34ab40d7a22c8f99ff7ba03da958

SHA1
54761027dccace70bbfb8e712fcfdf2ad4fc54be

SHA256
c8d45bee2d72a442e1b1fc5c46295fea9de0fcd5804c013aa4c1dace9fb273f8

SHA512
8ef24e7dfdfd464775c9a21c2fdc454f412fa223764850880fac76cdba2ed662de59d440a583f52327c236a16d98a284afa8ddde58265b2b8e04dffac5625031

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

Filesize
78B

MD5
e51bc22c8d297b4f72c4c73490506fc2

SHA1
32fd4b576da24654438a98890b13739bb49c8874

SHA256
7231f547dba2ecc3e2e65c42f30a9f150804ab1ea5b80a8fbbea72427b7d0e7e

SHA512
72f1a2d63b36698aad63293691f2a408282d270688c391d6fad9daa53d0a02092534136fe63646def971561db30958c4a89d267c151361008ba62a2f17aad4ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe59f207.TMP

Filesize
142B

MD5
db379522b49bef9b72c42dc52a11bb0c

SHA1
2ccf9788094af5260cc4387d6ced9f3bd00919ae

SHA256
17dd6672445053228967270e6568d459fc7a80246974f061acf5b15dd35b4598

SHA512
90e1e0dbb0efc41326d1f97c322cedcb7d7857618cd4877094dd8ad4f60ef95c8db66ebda00f542c605e6eb5367e8c79bee27ad2a16946ddad911323e2b04f46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
246KB

MD5
1c1a173ee0d1b59d3aea9281ca43fce4

SHA1
d4617453fd326707e589cbd3be1c8cb46d35041a

SHA256
beb4317262befd0f61db20f7f9120bbc4816e2ffa4c12949fcc48e16ba08d226

SHA512
196a3b059bb203c77a283091291f0267ccbaba5b55571a1e651a669189ef83afe977f4f76b4f69e655436e60d99b71af506ff578f1f662c9f69ee8ca2acaca46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
246KB

MD5
de862798d2fa5f50b59f944c16d99311

SHA1
14f769fc9dac92902c0f61da3ec4f0653803a182

SHA256
713ba7a9acfb3011401e1bdeed2f78f7c3865bb3fee348f89d6fb12360ede8cd

SHA512
91bc5a9172c0566d587fcb05611b3129e3c729b1f2f7c69154671dd998389dfb98445921b4ac608428b6badd7f85f2d7415579acbf446b5a1d869f87c0f049ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
246KB

MD5
aa716dcb366ae4495f883d29e10e51f7

SHA1
117b22e14c1218f0e7c9c38f685f513b547c7d3b

SHA256
244d0b614926ad40f5fa220ba09b94e148e77a8ada2b4f5ffc42736ac9da841f

SHA512
d08d1257f67c55473325df2bcb6abd9060ac61d331ed151df66392f8fd2174051754f75f8094ca4cf509d00b5acb8cc3e37d9bd2f8ffa2835389968b0dd23eca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0d6b4373e059c5b1fc25b68e6d990827

SHA1
b924e33d05263bffdff75d218043eed370108161

SHA256
fafcaeb410690fcf64fd35de54150c2f9f45b96de55812309c762e0a336b4aa2

SHA512
9bffd6911c9071dd70bc4366655f2370e754274f11c2e92a9ac2f760f316174a0af4e01ddb6f071816fdcad4bb00ff49915fb18fde7ee2dabb953a29e87d29e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
a4852fc46a00b2fbd09817fcd179715d

SHA1
b5233a493ea793f7e810e578fe415a96e8298a3c

SHA256
6cbb88dea372a5b15d661e78a983b0c46f7ae4d72416978814a17aa65a73079f

SHA512
38972cf90f5ca9286761280fcf8aa375f316eb59733466375f8ba055ce84b6c54e2297bad9a4212374c860898517e5a0c69343190fc4753aafc904557c1ea6dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
6206d02107ec5141ed872d04bdbea66c

SHA1
05077cca000e4e8db67f438b47d7fbfd55e01e65

SHA256
c5db2a66faf8d004ccfc0e16c3a3cab537ff7d4a281d72319183edaf8d0b0e63

SHA512
c8196a4087aae01e2b6aa5481479613cfd29b17b4c8cac77d4d0fea1cfaee6faa8c53aecea1b93b60f0bb8cf3763683a5c4b42144e76014eb2ca83c74b72e861

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
763B

MD5
67fcd6dd5ce2714a9d91b33a252c33ad

SHA1
fa52eb4f0cfa864be79902708f3b1a25940ed19a

SHA256
83f4550387dc04acc29c59d55e81596028d9a57168e36ad734a0f5594bd1f76e

SHA512
3c31d5a657a02e58ae71a11e81ea70d3043aaae2222adb1b4589e7158db90dd4311f017c5ae6b07ba60b7f41370a8688228dbf5f34e4c494d11a641dad795aa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
427da6c1eb5b9df20d9771d574cfcfe7

SHA1
299a3d740a92791343b532d6e8e601a59993f985

SHA256
7defe6cef080715af6f8131b6bbe940bdcb93dc8ea5eb7705a20ad8d15ec0fa4

SHA512
12b3265ca06c4e4451b04acebfce02be77aca63768cabf8c487c614f35e6424bd0128bd466c2d629be5ba0b949ef9cf05bae1dffd193a2c67dfc839ba9ae938a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9d8b1b066ddef8934821a87f71028f66

SHA1
a52f2634dc66bff392b95992f99d3a92b6e7daa3

SHA256
51ed940e2498a71d21da1cd90e3f47a84c5d85a9891b3afbcc8737b2c2cb2be1

SHA512
01c917806da6b951083b8e30a6ec66145297f0b22594cdb27b8b9b207de985cada66dde285adf4942bd7d972016503d38475165e23a66fcb62043c26608c4075

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
843d4b678b708d7074ff71c6de933cec

SHA1
36f1065ea5aa5255f1511003fafebdc1a6823613

SHA256
7ca68a13e7fa72c02b38025bf4417db314731e0838a6f949a0e46166e9bce419

SHA512
3e5d988b9df136de3357562e630d942b71287e0301960dbb1f343a32cb58ce8171736da19915305f0d3e1f4567eb47ad01026c00231ac2d76094596fc2301671

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
11cea18956adb115c814653f92bbb13d

SHA1
e75474befc105bb8d938a418b2c59c0e827ac38c

SHA256
cdd4c9e6fd88717e29d1273be05c64bfb05ddcc51b496c96080e2f344f7af8f5

SHA512
8461fde03425ad4665e19a13f3425713db3783e9c00b9cf4ca00542cb9f2e94d6d85b5c51850961460f10a50279219da2de44bcee012f92a2d74e91e0cf58ab0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe583563.TMP

Filesize
1KB

MD5
73ca54b26397a145dfb0a63576f1551d

SHA1
87601dce29b44a4f6bba70becb13a8d22942b3b9

SHA256
0319a85fabcfd042e48faec049456d78f9abb72f2c12bd6c93eacf1c756ae83d

SHA512
eb549c32b9c5a2dce87857973dd48f45d3dc84757b450cf50eb179db08348dcfbc6c335214cc7c51f242e6d4e5ffb8302be524a576e3e3d8d9661460f07427f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
31522bd5d7bf8ca670e03bedaa820e2d

SHA1
231deb8d6137d22f35ab0e76a77c3757f3423b4d

SHA256
cc9b77be349450b071f0e47662f3d18c0ab49c236fcfd138df40261d611f8574

SHA512
5ba154222cfb97ee70a18a4c221172a04388d93641907d9693763390d01b4cafd6d76861dfaff47de164030342c6d22149a477b9d66accc05111a6b655b96c33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
aafd183ebac90c33ad9c056028e5d9f7

SHA1
d12911ab2311ec5e87a081c0669e208653842c22

SHA256
0180bd000d55de582e45b99cbd0a97d92ccf1f6404161cea8a7190a8add3f0e2

SHA512
8fa1965a5f77579230562445a60499644bec6f4bb274bb910bf35369f99ae465b8f5ba2d8bbe63939b0dfec054991852f621155694f915acced8f41a77795091

Download Submit
C:\Users\Admin\AppData\Local\Temp\6840576d-1957-4b6c-b8b6-07d8aec98074.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5900_1635454134\75247201-77b2-42b3-8fad-f75ada077a1d.tmp

Filesize
150KB

MD5
eae462c55eba847a1a8b58e58976b253

SHA1
4d7c9d59d6ae64eb852bd60b48c161125c820673

SHA256
ebcda644bcfbd0c9300227bafde696e8923ddb004b4ee619d7873e8a12eae2ad

SHA512
494481a98ab6c83b16b4e8d287d85ba66499501545da45458acc395da89955971cf2a14e83c2da041c79c580714b92b9409aa14017a16d0b80a7ff3d91bad2a3

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir5900_1635454134\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit