hxxps://namcards[.]com/e

Analysis

max time kernel
599s
max time network
547s
platform
windows10-ltsc_2021_x64
resource
win10ltsc2021-20250314-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system
submitted
31/03/2025, 14:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://namcards.com/e

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133879050690614308"	chrome.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1702774510-645589634-1201277210-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Children	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-1702774510-645589634-1201277210-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1702774510-645589634-1201277210-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\DisplayName = "Chrome Sandbox"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1702774510-645589634-1201277210-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428\Moniker = "cr.sb.odm3E4D1A088C1F6D498C84F3C86DE73CE49F82A104"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
5484	chrome.exe
5484	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe
Token: SeShutdownPrivilege	720	chrome.exe
Token: SeCreatePagefilePrivilege	720	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe
720	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 720 wrote to memory of 636	720	chrome.exe	81
PID 720 wrote to memory of 636	720	chrome.exe	81
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 3984	720	chrome.exe	83
PID 720 wrote to memory of 3984	720	chrome.exe	83
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 4336	720	chrome.exe	82
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84
PID 720 wrote to memory of 5312	720	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://namcards.com/e
1⤵
- Drops file in Windows directory
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7fff7ac4dcf8,0x7fff7ac4dd04,0x7fff7ac4dd10
  2⤵
  PID:636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2008,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2000 /prefetch:2
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2144,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2408,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2548 /prefetch:8
  2⤵
  PID:5312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3188,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4200,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4416 /prefetch:2
  2⤵
  PID:5924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3176,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5216,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5140 /prefetch:8
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=500,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5492 /prefetch:8
  2⤵
  PID:3856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5540,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3924,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5316 /prefetch:8
  2⤵
  PID:564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=840,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=1160,i,15348741854144835659,16053006272436867925,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=1256 /prefetch:8
  2⤵
  PID:3080

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:4244

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3964

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\989b5da4-8243-4289-aa95-5a47cdca1450.tmp

Filesize
649B

MD5
195cb1718f98625d6182695284a47b1e

SHA1
d7da856724b091dce98fccec79c5979eec22d1c9

SHA256
c7ede5b343b2e5244e303c7b9ec6cbe9b620900c1ca70c62043502a5e9ffd8c8

SHA512
46732ab6e9587439f9eaea6d172f64b2cb9617dd4899cfcc333dd1410ffedfe1b3c8a2a473eca6a12de900e3efab79e801fa8652487595abd12c48f318d5824b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
5e0f07da1feb5be835e0676d9d8c8ade

SHA1
c0acb7db20d1f7d6331d07964e05ec655606bff0

SHA256
09f1319c0612117b54d776b916ed3733f78c3cac3f63907392362693a059f10c

SHA512
3646cf8a59bf9a124da5ee80bcf7d488fe12712acf5019491e250469704512d10f86a492228570aabde5f01a5697bf3479fe85b0f33e5ea419be7fc9b83cf972

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
4e9ae68cb0f825b5fa0e4f1d35f736c0

SHA1
1a3b7cd5f800dd2c77fa2231f81864c5f35cf1fa

SHA256
ae7a2a1f9ce68c87904143bb430ccc06ae3d23f9786a4dea1c652b36838207a8

SHA512
8774e443fd53a96191c70814283d8f7ec86231298b70b1dca0a5239d9108a7488e0844539362f2ebf1182d9dba39a9539daeb1339d262e246b5b2183bfebb8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3b470c9363120cdfd1bd53f9fefa9085

SHA1
9fd7220336fbcaca4570e9d445be5e7cc6736960

SHA256
5530183ee32c95bbc6ef510c05bce1b02ace593aa53fd3abe79f462e68a61e6d

SHA512
21bf32de9f13481b482b4afeb20a6fcc7e694fb764b7847e9115d2f9bbc4795f4c892e80847542024852337f350dc24cf13de8914b1b5c6449dcaa570f4406e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
1f1e5b4d40f6f958d080db474903c026

SHA1
6d3e3511d1ea954b2bbb3599cd0e04a832ac3097

SHA256
21c7de672845fe4cdf21b456c8d62cba8d5ebedc446301a734cb8f5b7b281ccb

SHA512
fa212d2653fd64e76578652e5a95553914e9242a730685cd5db53bb037dac37cd36407f2a1321d59d6f4922261b6a39eb08c6e2b11904160b683d2442f5b44db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
0a1b14d6833c67145a2d6bd9810f1941

SHA1
09d12ba566d4f7c424e7bfb35a2d0c69cd960e3d

SHA256
f2bc6594fa4d6fcb93a324aba090b7db3e344a755e6e39cb60e49854793a05af

SHA512
dde37fcddc363ba60e653dec8baf738706954862404757f0ffd68bcb60feaf4a42a4eae428a6ac9213d7299f7de4231291b453a7e60a770a8366ab65e8afb79e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57ce2d.TMP

Filesize
48B

MD5
9907ce9bde2b164344bc41f12e13f518

SHA1
e037f9f8e75b9175acdc9b22c87a527cc99d6ca5

SHA256
65d8341ff6c53dcc88151a02cf5736909196e42f395683f3f1d77062282beec5

SHA512
10fce664767bec31e16842a671a8f1ee90c4c01a1b0192252e6bc37807f6c16502ae1a5eea32cdd3c19e5b15873825b3ed274a68f6db0ad7b55b7f2f1e9c613f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
0d847b19d1fffd2bb0d175e6f2ee5e93

SHA1
d035674552a15454d6f7a53bf923fcefae4a262c

SHA256
ec26b6180bd624b4ef83860e9d7711e1e0307bb30b506ddbdf914dfdc4049038

SHA512
12848bf77ba98a3e2dd8853cb3c89a7337fd372cab44ee82be13b610f44fbe6bf152ef809106b4ad89a99be3741f72b8929fef911cc0f25b291b722596f67747

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
6ec7ffcae4a61db725c3dd116ce510de

SHA1
2c1a2397d2fd33fd5f245261c869d00fada034dc

SHA256
e6d9f5e58cd9750ba64fe636d0fd19755172d68900d0b42ef6aa771633144fe5

SHA512
2f446e6dd9e36c2a4f4696efb1c5bbccfacc4d2e1f6a3812d5fb2899877fadfb1d44e586446bfb892ed52b14df3132c44cd250c3a150aac51f8c8f5eec300dea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
14bccf8ba8c628a44358cefdfe7d5ea1

SHA1
62bb9aa27edfdc57bad34eefc04d83da9d962edf

SHA256
5c06fc9953e8031c2738d273e4b3fb76be449d4d8a346e066085200fc51aa20d

SHA512
122d0205736f01ab349c1b634463807edeed7cb15713695bf8db5a8a8d8053f849c25e968138af1fb883fd4832c68fd2bd25ebfcf0694b1f1a36fee26dfeeffa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
d90633737a4272ec2ff9d039bc070298

SHA1
61844bf1f34eea9973231d08dda7b34fa5e3af62

SHA256
3a57f2721099fb7aefa95ebcc079cab8b694c943644aef7dfaa84c65c6c071c7

SHA512
8a2bbc7650ee775fe0e3e19cb57b6cfebf7336840a4b2e62bc42dfe68a4da359259488e68d63d9fe99f57f9f8c402e70c44b4ddff08d375b13eb42140161e950

Download Submit