117400cce2d25ba59019b7d1b7283ba18994ddf2411140b924dde02d45c5fdde

Analysis

max time kernel
140s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20250313-en
resource tags

arch:x64arch:x86image:win10v2004-20250313-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 19:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

redist/directx5/dsetup32.dll
Size

41KB
MD5

3d98c98e3a859bb26aca297b6fff3cde
SHA1

e3c0fc9afd704e22e12e5698ec076d634895b0fa
SHA256

cdfeaf5ff77f4f0fa7460614e4fa6e74ab201694570f92fd7c20d3b155093895
SHA512

adda54154a5c165d62bf76a1deced663abed061ffe58137a9dd47dca0fe49db9e6766806f88841c87806427c15dfdf24e3440474b8712415c0922a8baff19888
SSDEEP

768:CXIWGknr/2BPOCPEG4RMKHSzdwnuJvkQrz:CX5Gcr+5XKAwnuJMQr

Score

3^/10

discovery

Malware Config

Signatures

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	rundll32.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876629387778712"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of AdjustPrivilegeToken 44 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe
Token: SeShutdownPrivilege	2024	chrome.exe
Token: SeCreatePagefilePrivilege	2024	chrome.exe

Suspicious use of FindShellTrayWindow 27 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe
2024	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3660 wrote to memory of 316	3660	rundll32.exe	94
PID 3660 wrote to memory of 316	3660	rundll32.exe	94
PID 3660 wrote to memory of 316	3660	rundll32.exe	94
PID 2024 wrote to memory of 3736	2024	chrome.exe	99
PID 2024 wrote to memory of 3736	2024	chrome.exe	99
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 5788	2024	chrome.exe	101
PID 2024 wrote to memory of 5788	2024	chrome.exe	101
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 2084	2024	chrome.exe	100
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102
PID 2024 wrote to memory of 5884	2024	chrome.exe	102

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\redist\directx5\dsetup32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:3660
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\redist\directx5\dsetup32.dll,#1
  2⤵
  - System Location Discovery: System Language Discovery
  PID:316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffbe072dcf8,0x7ffbe072dd04,0x7ffbe072dd10
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2032,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1640,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2132 /prefetch:3
  2⤵
  PID:5788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2436,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  PID:5884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3236,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3256 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2440,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4460,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4516 /prefetch:2
  2⤵
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4792,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=4756 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5372,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5344 /prefetch:8
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5564,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5664,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5972,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5968 /prefetch:8
  2⤵
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5428,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5832 /prefetch:8
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5412,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6136,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5436 /prefetch:8
  2⤵
  PID:4856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5436,i,9387184828569366721,14202052820414334537,262144 --variations-seed-version=20250312-184628.452000 --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:5692

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:2720

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1760

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4628

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
5bfbb17b060922bb62c2303657a542cc

SHA1
2ef1911fe67ad893c8cc89b72db92ebe0b3b0b34

SHA256
0248281cd65b60b35b7039346fe5cbf00e37058ae536d9b2c892fcd38335d4dd

SHA512
645b9a4d4a3b20bff697c7093f98c462cd5ef1b47f21fdcaf90bc656e5a118c4704e469a38df591676c0fb9470a288a6f8db84c47050cfb8ba6906c79570193d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
b81520584741e314b5cdd2f41141513b

SHA1
058c1726cfafe396760396d92902641aba367e31

SHA256
5b144f23fb21b65a729c9486146c0ec304d02f19f4fc5aade5233dc6cf16eb05

SHA512
ac7d1dc084e6ba50ecbf00ab9239eb858a26d8682e93de421fadd172118ce324ade2470f3f2f8cfd78157efb2b803b327dbf0ef9d295fe095ae8ad82db27842d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnWebGPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
1a58f495420aa4f190b43780b53bceb9

SHA1
717af4ce833aed72471f3cbf97ffe87ca59b1881

SHA256
8f5f477bcbf779e58543025a4d17cb97853fac2b922ac27968ebc6d355566c2e

SHA512
4264a1fae6686b461f35e6e56daf62b2b37df8a049af4f12f61c9e248bd8fb901b2c463b8bdf7a63d99c8a048e7167c168be9997a27b77c6242e2b91031d6ca0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
1bdb375eef084825e6edad17230a843e

SHA1
29d9257b6d04c80f7ced4aca5433eda06abbbf3b

SHA256
b900dc3b6aa660ead86f8c7360d2a0cadaeeb2caa6b81abfb921969edf86e31c

SHA512
1656dd2ec32dc70bd16338bb3acf62ca9ed134101e39e71360629e1387c3d1d5c5fb85deec5f8627820b84c9f58c2e3a9fd0c624df0ce03cde3dcb25fdfbb28f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2c648af0e4038d59c0d35b2ce9caeb73

SHA1
707b3d6f1e5fd702130d1c042dbf8164d1c25dc1

SHA256
b56fbaf10a3cfa59bacba595511b8785aef708dba1d1d0cc1a47ffaf7f920a38

SHA512
be86faa9fda1839d5c92caf056c3a95691033fbc08348093eeb016b8e11e07f7b22f27c8c715d28dc2c70ba14c512b952f7eae046074f0c38228473cfa32817d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f0950ec72e916fd5b63ac8996dcb23a0

SHA1
2b6997983fe7431c5fb3163708d75de2e91b9efe

SHA256
8e0469df5a7163e9d679a75e55270a9d8bb1eab431cb7858d56090c3b4e1e95a

SHA512
4d42ae273addaa4f0b86df86d58a724f0dfe0bc0e9f90a1ac2b763a0f8dee0dc1d386e344f7026fe8945989bef3336a09e3f2e099226f089aefdf8a09429fde0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
c576aaf9ad10aa151764567aa6a61a95

SHA1
6ea79479410c0742949dd4ec8c1c2708c9ae3f92

SHA256
fc7fb7960606d6baf438a767c543bc9a1871b92dacbdc9ee243375b08770d15f

SHA512
4744c85077e42b528ab28da50bf6f28c4f44c773f9ebce97d2c6475615f1144e41805d9ee644488075f2312298e98ff811e8a23ad2c9ee8f5a9d027d6cb63fcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
66045701e29e782a6d152b689fc6f0f0

SHA1
277140a3c492e0c094cf578899af3d8502beaa3e

SHA256
e5295f997ac514da083772af575d986c9d6206f947d01b11ac2c514e9ce1f891

SHA512
1668d63dee0a8810bbf5951e74ebe56088923d4411a777fd5f15d28c33c7658a4f59aec208b4092bed77eb3d0e148a998d634e146ed3586829b66b268bc0beb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe589bfd.TMP

Filesize
48B

MD5
653767c5654dba834ed74df7ec22684a

SHA1
251e28a91f457e46d5cc96ab75b3051cd65db3df

SHA256
23855260dfe2b3dc75a72c970294887d421b11dadb9cbba43831bd5340291d7b

SHA512
d2780a4c04c2dede695390836b72fde96e8074e7e6b3b570e74adf4ec794f241b741c2c9c2b9df254d208317d62e81ebdbbc216ca6bc243fdbe1745c6d4b1403

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
79KB

MD5
170939b5d8a69c1c5117feacd3c2d2fc

SHA1
b8d27ed28be6ba517be81207a7de451ab07d6f1b

SHA256
f5d50261fc7bcb2fdfa3b0a8314b08c39702f723b602167e8fffeaa1a0b123e3

SHA512
c5e424b9b7a49df6a874cea57ef5f5c3d441641695186d64874ceef5fdadbebdc8f7a53c7fbba5006e52e6fa10c231911f035f9c5e4f0c80ab51642ea044cdff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
5590599333aeb523ec5e79633e623d17

SHA1
1278ae31ba6ce32311fff91417df73a781163c45

SHA256
bdadf480404df845c6ef1d5f6fa730a8ba4e1f9117b6360e0ddbebb6fc298ada

SHA512
a714d5483b952104cdfb827f62c03a5b9b5c8418fa2ab1414d30700862dccfaed0c4d1d8bd339eb19a18ee33edad32d44f4a788198aed2033845566a1c521c8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
49813f77fbaba808c5f248b899aadaf3

SHA1
ef62f0c9827c1710d55cb6c2433225e650e0ee94

SHA256
9c28179ebb468cd74714cc90d6cfb4d9ff66107d2bb89a0b9d25373adb29fedc

SHA512
3dcba3803a2b9eb19ed11e21bdb261576f46050673d5de44a793bb77002c6467fc17b74941d3041115b90f7078ddf2777152b199eca7d1279325d52b2f24887a

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2024_1142558685\4ff99c4b-b926-4eaa-b94f-644f7e1b1264.tmp

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
memory/316-0-0x0000000001310000-0x0000000001334000-memory.dmp

Filesize
144KB

Download