216f31c18146824ec864ce1cd25980075831e6194e8fc8995554239a3070f62f

Resubmissions

28/03/2025, 01:00

250328-bcz46azxfs 10

28/03/2025, 00:55

250328-a9rzdaslz3 10

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 00:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

HorrorKrabs.zip
Size

12.5MB
MD5

b075e5820bd51ea1edc114d8643dbecb
SHA1

6a88b93c174423486fad95346dd4c6f9958ed2d6
SHA256

216f31c18146824ec864ce1cd25980075831e6194e8fc8995554239a3070f62f
SHA512

798eda968adb4eade2cf58c967200587a163b9b0e3a650d37e3b1424b721734f01f820ee22c10b906c084fe78c73c8e19bc610562b80fe127bacdbc8d3c21f0a
SSDEEP

393216:l1Vj4dlFp2niHiXkgCSqCl8Gri0+CPTKqR/:l1Vj4dlP49eODeNGh

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133875970580529636"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-805952410-2104024357-1716932545-1000\{203C9C57-75F4-412B-978B-70F473479E60}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3320	chrome.exe
3320	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe

Suspicious use of AdjustPrivilegeToken 44 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: 33	1040	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1040	AUDIODG.EXE
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe
Token: SeShutdownPrivilege	3320	chrome.exe
Token: SeCreatePagefilePrivilege	3320	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe
3320	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3320 wrote to memory of 4720	3320	chrome.exe	112
PID 3320 wrote to memory of 4720	3320	chrome.exe	112
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 2768	3320	chrome.exe	113
PID 3320 wrote to memory of 4404	3320	chrome.exe	114
PID 3320 wrote to memory of 4404	3320	chrome.exe	114
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115
PID 3320 wrote to memory of 2892	3320	chrome.exe	115

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\HorrorKrabs.zip
1⤵
PID:4164

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffabacbdcf8,0x7ffabacbdd04,0x7ffabacbdd10
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1864,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=1832 /prefetch:2
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1520,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2380,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2540 /prefetch:8
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3228,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3248 /prefetch:1
  2⤵
  PID:376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3252,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4440,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4480 /prefetch:2
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4692,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4736 /prefetch:1
  2⤵
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5408,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5420 /prefetch:8
  2⤵
  PID:4192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5484,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5500 /prefetch:8
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5736,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5768,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5448 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5836,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5524 /prefetch:8
  2⤵
  PID:3952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5924,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5440 /prefetch:8
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5992,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3292,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6020,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5856 /prefetch:8
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3416,i,1516279165691372603,5762722037918560026,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3348 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2712

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:3096

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3984

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2f8 0x510
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c945e489d61f01182aafb9c8f88bdb7d

SHA1
c09ef854d10213f07034ac116a98ef6e86afc04e

SHA256
4057adec1a83d7241843733e70e9e77408fdb0fbcf653e4b323375cc31ac2270

SHA512
63369d4ca41ac8b087498198507f20d5072a045dca705a0732035089d8b7f8b4571262b509a440044c8df787a0dd624421a4008635ae03561bc747ff2b413e83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
245KB

MD5
826a2fdc3f1a2b1523ef88939e5212bc

SHA1
d4601508d7c23c7a3eb763e5ebc7146d93f315ee

SHA256
7526c99fdbad7818a08e49fd902539d98ffd967b018ba2036db5d6ea2e0de5bf

SHA512
aacb16db28626112b6554822ada0b0be52975f232eb5cee48c4e1111e9092ec3723832f48ce74316d2abbbce1047ad3bfc7617b7e2ce486eae356bafca165ede

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG

Filesize
351B

MD5
d1b3af195aa7b9dee50245d1036ff2e3

SHA1
f124d4c104ab6c51394402b4de31152732dd5790

SHA256
3b380cc6bd882fa351b97d28c43cc15f3305d97daa74dd02b2844acb3f2dee28

SHA512
8aad912023ef534a5bb4d6d29711c28103b56734fb8912222d4afa5da64c7ad09322201127149e972efe83b4971bf2ce5b316c3d95d6449647dc7b54ecbc0c4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
149069eab5d39e16c51e5b816bdbe859

SHA1
a30b0e89fd7b694534301ba16e2e47c8590af77d

SHA256
79c5326d8306814aa7530f113f9c4f5bb65e0de79e128b4bdd2384780c5acf86

SHA512
248ff5596db91244774a87a31674641253112561d7d6685d69450831fa752bd019c4959900f9511d90f8bd11411935d5b9a9bf40fe935f9eb49611b619a53505

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4394a0e9713e3a7dcdd5c8e0ff223dba

SHA1
4080da555195920640a8a29783e97b1ce005b06e

SHA256
af35c1d1403433d9fc2e075d2b4f5bcc3a3a3d79f31df91737965b6c34fd1799

SHA512
f1866ea6962a930596c7c2b52a592420bab81b53c2f64a7bb3788023c7c2e524664bf90e31bc5a13dbc91b5b50dfdd75ce4e4b5e96c6a552569064ec90ddc4b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
d7f15a5c84fb0131bd52d9d208d8b169

SHA1
5b34a5f57ab81fd2676317b5c77b32218b8c1f9b

SHA256
6e368e33253cc8b16046722219fff48afd70c3f9450e72d086e83c89af54d267

SHA512
927ea560c2eb65a037db1556ca097b0233e60eef6ae9f5de926b3e57452da8594e7165b0b96182b64a210a9b2673beaa8911d3e589dfb00aa4428113be5acb9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
ff0997b5f8299ee5776f02a2f7c3f7aa

SHA1
136df18d8b2b540107284cc3f4aa6770c780940c

SHA256
aad614e2b50610517ada4c06064bf856146ab7589eef7b97672d333a4debd2c9

SHA512
265145e9f73c0dfb43bbc596ab07b10145e1301dcd70db0ff9705241fb8c27b3c1908cb672583ca6c2bcf80b06986eb44b195b7ce9d86f0e347b64e2ced93ad6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
fb23557d7f0203e2241a2a56184db5cb

SHA1
07acd624f360732bcce67e7356809b4f195246fe

SHA256
be67caa87eb6bdab8a9c4bd62bb09ae6c170b2bb2ffe90ee45fb720adcb0153e

SHA512
3e133ebb2e1c91bc8d6e919070aa68404cde6e253a1bec8d7c02722367d0ce04a3262a8b906a11a7c176dc2c4e525baa10c3bb113cd7761963e7a68bb3a05014

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
198B

MD5
8a3754b2484a7ef611f90a4148b1b0c7

SHA1
39e044bc32300b0d7ab14d2318e7ac11059042c2

SHA256
95d4a9c3ab408b50de3b9b49912df47956cbc94bcdb6ae25cb90cdd1def20544

SHA512
7d14370eec18cfc8a8dafdad15d0e3601cc6ad51efd93a4ea8c7fbe151cac364ab1ab1996f1dd470a93a41db60bce907096b9df7c9c45a9fbcf39e9fe20964e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe599d8e.TMP

Filesize
119B

MD5
8ef6405e68ddca3e53c34c6480afca35

SHA1
78dab7046d886d8aac2991aa6222fe448afc8d6f

SHA256
86e7bc35d54eace7d180e5483457dec91faafde08fbf243ab9d9bc12b428fd11

SHA512
1f272a50e9bbeebda68a5cc1f4280390bdda72e48300787b49806efb2b721cb822a6cb057a221f14785a74ce0fa6957273e774b4b93a0f642853c10bcc2e4565

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3320_1974329639\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
206fd9669027c437a36fbf7d73657db7

SHA1
8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

SHA256
0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

SHA512
2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3320_1974329639\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
529a0ad2f85dff6370e98e206ecb6ef9

SHA1
7a4ff97f02962afeca94f1815168f41ba54b0691

SHA256
31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

SHA512
d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
772ef21f7e4329c09fd55a098c255d67

SHA1
b16393f5fcea40c226f2edfb3d113f5038fb92bd

SHA256
59898a8f31d7405d86f3c02a31863f50ccec3323fda7323466f538e9286b0855

SHA512
b7a03675269379cfea5b9f70ba10262e9147c3bed75fc4b758f8a91c1c6cd2f4d8cebe2c8ee1a0db9c98ae3a2045a5f2e37c7007a636f8a966296d1151de48e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
1bae03d9d6b9da87a086695b3291f012

SHA1
4e4866a971cb0ef810bc0eccdb98cdc1bce1970b

SHA256
cc4e8ef2769167164d4a49eeacc2d840e82483d05465fa84178615f05b467af2

SHA512
4d5a8bf1ecc764c8bb9b45720365abefa6a949f2f1dc3a5b7c7aefdd50e5d8cbd7ff6fa1453864afa400bdc39142e1363b37882433f3d63961fa63b5957f357b

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir3320_1844016584\7ff8af1c-77a1-40e9-8c18-b56d532bbcc3.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit