hxxps://www[.]youtube[.]com/watch?v=-bnVGH62Yho

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
16/04/2025, 12:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.youtube.com/watch?v=-bnVGH62Yho

Score

8^/10

steam discovery phishing

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
160	4028	chrome.exe

Executes dropped EXE 1 IoCs

pid	Process
3932	SteamSetup.exe

Loads dropped DLL 3 IoCs

pid	Process
3932	SteamSetup.exe
3932	SteamSetup.exe
3932	SteamSetup.exe

Detected potential entity reuse from brand STEAM. 1 IoCs

phishing steam

flow	pid	Process
131	4028	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	SteamSetup.exe

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133892799592198019"	chrome.exe

Modifies registry class 3 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3975168204-1612096350-4002976354-1000\{07338307-438E-47CC-BD80-5BE43F095FB4}	chrome.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3975168204-1612096350-4002976354-1000\{24B40C54-CD43-426E-9A32-97FF18D9D5BE}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3975168204-1612096350-4002976354-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
228	chrome.exe
228	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
3792	chrome.exe
3792	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 16 IoCs

pid	Process
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	228	chrome.exe
Token: SeCreatePagefilePrivilege	228	chrome.exe
Token: SeShutdownPrivilege	228	chrome.exe
Token: SeCreatePagefilePrivilege	228	chrome.exe
Token: 33	2628	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2628	AUDIODG.EXE
Token: SeShutdownPrivilege	228	chrome.exe
Token: SeCreatePagefilePrivilege	228	chrome.exe
Token: SeShutdownPrivilege	228	chrome.exe
Token: SeCreatePagefilePrivilege	228	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe
Token: SeShutdownPrivilege	1480	chrome.exe
Token: SeCreatePagefilePrivilege	1480	chrome.exe

Suspicious use of FindShellTrayWindow 61 IoCs

pid	Process
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
228	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe
1480	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3932	SteamSetup.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 228 wrote to memory of 3956	228	chrome.exe	86
PID 228 wrote to memory of 3956	228	chrome.exe	86
PID 228 wrote to memory of 372	228	chrome.exe	87
PID 228 wrote to memory of 372	228	chrome.exe	87
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 3560	228	chrome.exe	88
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89
PID 228 wrote to memory of 2576	228	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/watch?v=-bnVGH62Yho
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffb6a02dcf8,0x7ffb6a02dd04,0x7ffb6a02dd10
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1536,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2136 /prefetch:3
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2108,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2104 /prefetch:2
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2268,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2332 /prefetch:8
  2⤵
  PID:2576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3188,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4268,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4280 /prefetch:2
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4688,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=3896,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5000,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5008 /prefetch:8
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5204,i,3655873062375260828,5729168325868676352,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5224 /prefetch:8
  2⤵
  - Modifies registry class
  PID:1612

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:2736

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x514 0x4f0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffb6a02dcf8,0x7ffb6a02dd04,0x7ffb6a02dd10
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2008,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  - Downloads MZ/PE file
  - Detected potential entity reuse from brand STEAM.
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2208,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2204 /prefetch:2
  2⤵
  PID:4552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2336,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=2344 /prefetch:8
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3084 /prefetch:1
  2⤵
  PID:3552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4332,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4348 /prefetch:2
  2⤵
  PID:3416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4768,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5380,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5388 /prefetch:8
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5568,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5588 /prefetch:8
  2⤵
  PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5508,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=240,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5848,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3356 /prefetch:8
  2⤵
  PID:3656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3320,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3208 /prefetch:8
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5536,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3256,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:6064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6068,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=3328 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6064,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5588 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5640,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6336,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6340 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6444,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6504 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5952,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5616 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5944,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=5512 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=6780,i,1682127849338404575,1550954489814830543,262144 --variations-seed-version=20250313-182214.581000 --mojo-platform-channel-handle=6772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3792

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:3168

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4440

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3500

C:\Users\Admin\Downloads\SteamSetup.exe
"C:\Users\Admin\Downloads\SteamSetup.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:3932

Network

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\4222f8d3-99d2-4446-b68f-566c85ecde73.tmp

Filesize
80KB

MD5
ea1fd2c8a13e5e97ef458890ea1d2f40

SHA1
d82d785f5160e776f69a1e7ea40021221624e681

SHA256
6f43c167a3a5348ab8ec6475f1b9a87fafef634b28084e20d96665c42afdaf20

SHA512
a1c0fe846c3d679d5c8ecb4015322bf54904f335b4a3e428eb485f84c00cc40bcc8749d26217a05a2c15e88fed7f3e2f086b9f34fb4801dde0542315e3c68a10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
fbea9f3fbf579c979bc1bd5b5c2c41c5

SHA1
3ab2294a45de7633ee30cf90a8cba2b0b8be50bf

SHA256
a8a21249c0bb85754151fd3df615c3deff05c69f40e4db70a5254473bebc45b7

SHA512
6de1b7b5d8774147e5089adbb7a1fad9c60f58048d3d96a2af8a3790b2363921e60f89adaa889b02a77e6f82916bd33ec03d13ad68c5bd2eb0b9ee9fc37d6d91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
414B

MD5
77e7635ae63a2ab2ca80393c708dbad6

SHA1
52325108d8310b6faf5de01c73cebf0b83ff0413

SHA256
3daf38af088576b44a1000fb5848a11ed2ba59ea12ad21a13f7aac35a1143f1e

SHA512
820d964bd4d93ab89a555f8a5448656732afb8fa67dba6e40419fa6388a53a49d52bc256134e65145492130daa621811841d47debb6fa9f0390df00cb4f2beec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
d3f049c474e3156af0801724256208b4

SHA1
acf241d7a51c6242e14e94528238fcf0ce1a1989

SHA256
1a36d65ac959169a0ed4c14af4b8eaab4c28486f9d1852f18fb15b817424cc55

SHA512
b604eed15e6c5e7067f4e4594c1c6541bc7bf10f9ed5e2d8f922698a78d80b8427e291c79876767864b2cbd9a23207398a45cd47f6a5b3ec2697893f80ca592e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
8261e3ee5d76178940f6e06fcc82d47c

SHA1
7e6bf10a37cf6afb2f1280721978298abbb4cac9

SHA256
9732404da2fc877db8d706e841990c2c8eb8c14bf8848142be1e75aefa5cf528

SHA512
cd4fce630f80cbd8625ec172e88ef1b42eef35f5d1106194cc4437969359e384c672e5170280b5fcc4b287fec4a18afde97cf44ba92fe1e3a8f319154b25da3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0063c1c26583ed7937de74d129d5bec4

SHA1
e65863154b3a44a58c7c6e04c541980b156efa96

SHA256
4601e3c63d50288559298b55231e0b77cb0bfcfd933125a3603a4263836fb6cf

SHA512
b3a9da52f98367d229f043b0a08b88bf7bbbd5a7ee9d0d136949494a6ecd1a8486d5f40445d5e9c56b812d10ac5a4f5586897c97cdc2274d4815818af1c33a6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
1c2462899415f09bf3a1d2383f53da8d

SHA1
ef697f9f8ceb2087868264fc703f7fe4ab5888a0

SHA256
1d14f281b50a3220b9d39db40fab2a5b335da652b48bb31e4a11b79837ac6c94

SHA512
3b4a9ed8b0a7c58c1b5d6e7cf46ff94dccf1195a7e68ded6927859af2339bb5fb11e030061b1d48e48f7cc9c3fe7bff5425f228eb2513a9405068978afde8d3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
52KB

MD5
1e2bbe411ab93f7bed7b947fbdf9363b

SHA1
6d7aa8c4f5a667e8ecd5496d0eaab7e4277c17e7

SHA256
b1a2967825a5cabc26f04c30a3172499c7d0cd47d7d1b20cf0c883906c2307b4

SHA512
feafda2dfbbc0c597cb1cc4922ba8db4293d14f995b0ff13766f1c22c6b167dd59149827bb539f1b0d8511f13d6d14443cebc75d6596852e95cac926d45e26fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
22KB

MD5
778ca3ed38e51e5d4967cd21efbdd007

SHA1
06e62821512a5b73931e237e35501f7722f0dbf4

SHA256
b7e1bfadb8d9c061f17a7234df012df7842ab1aa8fb6f9579fa3f0a3b4a75bc0

SHA512
5f6f02099ca8079305fb7e7f43ae4344d522271fe30379c0854d6a81b7d8adf408a50a4b799b5f52e6ed162ba6ce7fe97e24a2b9719df780e75683d3aa103d09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
33KB

MD5
fdc6c218c55e91c3b82b046f5e8e55dc

SHA1
2eab4df2b6a71a89982ea5da252e5c0e3cfe97fc

SHA256
6fb6dbc2d99325edc872743a823ba3dcc30077c29b8fe62cebe56108198fddcd

SHA512
4e88b4e7dfa8533183316fe1243edd40e58679d675246748d34a6a57999ac9ebb6f375797522fa477509b76fb62c2d95f8baa842a57a1ef7beca337da139f201

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
246KB

MD5
f9b96efa65f5184c5d4b45c8ab0509dd

SHA1
b82b276f33768cda0a0367ae86d50b672f7c0b37

SHA256
c898288a00c09f87dae802d14bf19bf3aa40f50a7f88a382fbfffbdca298ce79

SHA512
976814a4c3ba067d7ecc0e1d82fefd12c1bcab0876d11a17027b0ad8a025b27f3f69ea9b09c6be89320234bcd56a5053fc5b0739ff3fd4fb58ee540f2c6f7bda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
648KB

MD5
6c7dac68f88d97a830a2bc517bec7d5d

SHA1
ecaef98686211dbbbe65a0eb700f068b6d7a0c57

SHA256
d7ea250234dd9fe0c22e011cefd93ad44616c47f43fe0299bb94afe0c5999fe4

SHA512
7c3cc65892a8ca601da61ee2744d46ecd2facc8e70f7d40569e93151db7ddd0d5fa9d3790b8bfbe962580a68adb5c56eee61d7cfe296dbf45b89a50f53d1bebe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
1.6MB

MD5
7001d690f5a13fc6bc72e3d11b9e22f3

SHA1
7a342603dfb12adac9aa9129a7ae74390c837d23

SHA256
d04e5b633b1bad15263a3bf27fe5c66ed86fb44fed5f1b19c36e56b74ef73e4c

SHA512
a59a9f42cc75cd440ecfc19574a16447acc02ba08f68339e6a03e482a3483b03e57a1bcea6c010a0bb765aac71fe33eb0bf31bc37bb8741420e73fca63ed7847

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
34KB

MD5
f00ec8a8d2a17dbac50bb1287d3a0802

SHA1
ce8f81a7c477593c599e2457ba059c7b9d31b5be

SHA256
3df2fc301036ea90ccc048f2fafb80676bf7708c1bdb9e1ef752a846ca9ce284

SHA512
4e612d4050f7a3a238cab245a90f5258ea9f963be357789b6b1495cf6afecf5bc66e02aa529ef57875851a6d68e29f02146b61e67d191b45eb48cc6481498ff9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
35KB

MD5
decc364cfb85f67d2c2d0514736550d9

SHA1
f6cffaa190f0efc6e0637f09a35cc93a02254e28

SHA256
0c1383efddb5a50a72f5810f3b3ab3771fa9a708a3d3fa351b6eae25dc533053

SHA512
e10c3215291ca5da2fb60d0d9492fc97a204ab1af08c0296b2fd88f48e23ca3ac9f4e49efd0112905662c873ca36a3411740e410e0bdb8832ca76f0305fd63fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
39KB

MD5
9a01b69183a9604ab3a439e388b30501

SHA1
8ed1d59003d0dbe6360481017b44665153665fbe

SHA256
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

SHA512
0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
21KB

MD5
4ed7064123928ecee45ead8c8d1e8761

SHA1
bff99b298efbdabc1ca67940ae48162fd1bff155

SHA256
bfe0d976aeef7dbe42f3030ce8c4ce97c649ed4f1868b3fe467503f477f778e1

SHA512
c7beed7d0c1b9d2f65b59109d13d0182aa256a30b4e7e88d685a10f9b8cffc738cbaf4bad07d30d7981e096002ec46ab7a77c4a2747f20515cc7fcaa12405ab3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
31KB

MD5
2d0cbcd956062756b83ea9217d94f686

SHA1
aedc241a33897a78f90830ee9293a7c0fd274e0e

SHA256
4670bfac0aeaec7193ce6e3f3de25773077a438da5f7098844bf91f8184c65b2

SHA512
92edce017aaf90e51811d8d3522cc278110e35fed457ea982a3d3e560a42970d6692a1a8963d11f3ba90253a1a0e222d8818b984e3ff31f46d0cdd6e0d013124

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
41KB

MD5
350fef14b9432c8888714f9d69ba79fb

SHA1
f02876195e3b3628384124d63cbcb3606a06996d

SHA256
dbb362d29b9b4111e7722bae880e8a79ef8efe96db4cdf7869195f5cd0066fc5

SHA512
8fab4f3151a81a2cf0465aaf245d507da97c230eeb86dd6e9cee798e4d8d953aedb2e7e4cc004fdc8a5f7e8af0ded27aeefb4c626ad61c95f38572e13d49d419

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
216KB

MD5
50a7159ff34dea151d624f07e6cb1664

SHA1
e13fe30db96dcee328efda5cc78757b6e5b9339c

SHA256
e990d9d31c4c7d57dd4795e43baea05501fb6ea8b7760f89001be660425dd01b

SHA512
a7768dd7e315b07754a305080e0fc023765e5a224b2c3824e8e10f29286df63bbdefef379e069941fd8cd9c7c3befce976779ae2efdfb6e7da697b09d7f07250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c5eb21bc66947dabc2147bc1bdfacd3e

SHA1
abfd369e37e4cde1c8f477dd160390e282859337

SHA256
769dc1bb218a5398ad2c8b883dfc769607fae0e8ea0efb176752b69b9a72e3f4

SHA512
6f15f4d21e2fcaa3b503d0d7d8c86d08d869e945649e8891bc12c262a082b741a0686d9ac05d8929e47f4379019e385df9f29054bc05c13213a89fb1df15b52e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
1cba18f5788b6ed276b77a6e7215c23b

SHA1
7ee6ee8a6f71491303a6513c43d3dff309ea5c01

SHA256
e6ac3f4d625ea044a26189c90b8a34d6f654b49bfb2cfda19d0c2967c1c74384

SHA512
7b331092b6647c8243815920a315ee6b798a7f149b8f26199d4421074c7186cf99cbda0f3d550558ec4e5c8eb0ed7aea6843da7fe9c9d9bff849376610adb0ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c7896abe157c89647f5b8aedb4629780

SHA1
747f926ed787707205ac198e1dfcb4d219db1f64

SHA256
d7fcea760463b434f7fde5cf1e772e532e1ed28076bf774a07c353e8229d3988

SHA512
178b816e9371b1baeab4ea83937b5b4ab59ad4363777d832650ec8554ee745b7fe254a7a6db72fe9cf4b9c7e1a417092640ee981ec661fa4ca0360fa3fd6fad8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnGraphiteCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0

Filesize
44KB

MD5
67982ffa07037b576b699af1849828d5

SHA1
3ca0939a23787562f90cbe79d37351e0b782db3e

SHA256
e3dca061adc569c9da3307d74a37de323e0f4001ebef6e98ae46c62aee2b0a14

SHA512
a50ce297c28235f9a80169b00c8503eaf80602dedb47a0fdd053716f5e4344ffb20a41b3c8c967698da1ef8be601931c305a7b724decc2daad665428b55817ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
39404e50542aaa15149c9e7edb1759f2

SHA1
b58f3b2b74b2670235f44b6613df46e0963fe678

SHA256
b8735ec702d0f4d22fddd705f4d78766a7b251bc11b6e98ec4bf80b0e8575200

SHA512
d8d8f133dfd911cf6045fe234a5d9aa7850248e454c7366a0dd2df3305e25ae46ccedd6f55b59e38b2837df37d9a72716304c9da8f4fde791a8a5f4d9cb23bc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2

Filesize
1.0MB

MD5
6c5201f337641cee957641132609e2e5

SHA1
2e75f95d6fad7402b6009a034217286518a83ca2

SHA256
77caf148e46bf8848d70ffdfa8a274195fd00e0262ed2dda4efa6932b5d987c3

SHA512
2329a53e0a23bbe62d772365068d1fe266e7e10fc0955036989a803f222bceb595f2383b01719fc2b47e26056a376beda0f7519ba8095b27021b7eb1622e4979

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
c1a942fdfeeb431f451eafd4c6b768f9

SHA1
425cff0f858781a5675c2493b298aff699ffba79

SHA256
57d2e4d7138a54dce138f8126b779b1bcc1ef9a0d6bf0332845adecd8b77e1eb

SHA512
7ce132771ab775eaee001226e9c5cf0f60cd4876ba96b18b217ae55ce60dd1b88a1413fbb6107c40dcccfdc1eacae5f194153d05d093aff136f9ec871c961ec7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
20KB

MD5
9f00a1ae9a5f882fa3cedc53d3804c7a

SHA1
d9bd1ec8c235dda3b33fadc127478c952df3f2a9

SHA256
b67abff300c823efeff73d20d74c2344879d4a7aca5c6b37f8d89384fccc344c

SHA512
d31f62f65c4aff24f5df9b802bc7468034136520454ebe21c35045e20d5b89ba950df170daf98c4833b0f291a54c8f6e5704c88d87bf387ea713fe4efecbbd0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
629d6471b3f70d2621dd10b41544ebe7

SHA1
aa60ee4c56b19b9ddfed234f71c15f8ff68018fa

SHA256
0e9772a662950227dfb893ea7055fa048a210064b11f393b1d6d1cd652090e22

SHA512
6047c50864de8875bfbca72ac7dcd8d9545d1853a1a388397a1ce540872115fac4d5cf0e203ba0452fab90f7ff167d561f1e2b90653be26086343a44cabd7a88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
f3f4e4b4d8651fce3f205349f8d89d25

SHA1
c2cc2fb4ae6ea00295fbc26654fab02e29a69164

SHA256
adaa572ec9ab5c1d6fd089a15df55b3a15f2e7dd2235c236d45a3e311c5e06d5

SHA512
dde0080f81d79f8285325168cdfe24337fafb278f2289866da70756f2296f9725b99d70d1b0e89b558e95af4bb29ce85969b41c1ddb424ba72bd02e1c504870d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
3ab32ac58b7e591729c6e425b3fa6c60

SHA1
4e40f26c4c76eb0bd17f39da85baeeb84606c0ca

SHA256
4ae9c59dde976b37b658fe5eb0a9fd46468d0d413034c520a9e3fb0cce1ad2a0

SHA512
02967960070c05545bab1d59616006bd43f93351538c9e6b04224c6ac5bea64d437e91e22114a8194fedef9d085826ca6e288edaf791bbafe14348642a0b9a45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
5507e13f84056b5e1cc0683aa55974a6

SHA1
76ed98bfcefbe3d14a58de538ae1f8a85a1e5060

SHA256
5d104f831f0417ccec669b402e828067354382cb078cc48df85dae76fb76952b

SHA512
0e2c96737e2a13d783df70e21d0b52b17e93683022dbe4d08cb60288cdc664bd3cfe0a385f588f4abb23e827a58bf2b2f033442f7e820c70e385e9963a639a48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG

Filesize
293B

MD5
8b3f29553773e781f293512198691653

SHA1
4eead44a67e6db4152ce2d9e45c5daaa419caec2

SHA256
edcdb794712c3801a76c9be7ad8fb7224fcda57f83e53cc4e17dd867a2af8763

SHA512
afb090a3e20d05f4d9a4646d7f8d6648947868561bf5ebb8d67274e0bf12f88c09b934eb913575ec34ee8d0600539a75ab74e0f404abaa9c4f7cdd69402c30a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
db3d7d3515c89c5b0824b4832a30cd04

SHA1
3c4112edd4857742f9798bf5fc1d9a560adde29a

SHA256
8adbd874ecde176bd9c1f190653029b126d11c85f92a02c09f5ceb535cf67c7e

SHA512
a09c55e4a516defebda1c7ff3568a4465fc005b4e713234640d67f9681076cd9a9fdab45fdfc2797e358e388d89ab101f47230e1fd23ec90e2e266a5b21c76f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
7a1bfc5b5341176992fe9d7146ec5313

SHA1
d5221cea8d4cf0afb69581076bf937d1d91ee3b5

SHA256
abb39d6f6c128cd9f1948b2ad0e0f109a0ca4041f6a01d163f4d91e6d4c79849

SHA512
2f870708d3e5a94ded49ddc5e59027e69da117147c2e5dfb9c66c14a935184226d36703f96841a6b3af6cd4901a650bf771c5fae2e900cdafaa8de91f9f15a48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c73412be7015a241eec8da2597a8b944

SHA1
7730806d41a65593187e482c17c456517e766522

SHA256
246348b1997b601a738ddb5766b9c0b1c1212fac84eceae7c1cc799ffdf0265b

SHA512
cfafb6a7edb2a95acae2b5892d130fe09cf7860d6f6ea107669e448fc0645436aa8a8dc3403bfc91342f5cf3c7eb57e02572c3bafffdd8ea25b4b39e12e0f971

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
0b4ab194e88927d3b0ef03834ef8f61e

SHA1
57dbbc1cff6dec9030a1ac36f1bb21c1f427df62

SHA256
738c457c8eb81b55fea3a14c852be68ab0309a3eb21263def8c742bbb28c23d0

SHA512
f4e1f41dc09d1fa03a9be9a19ec312be10a63853e4ec5129f1fe1553e58186d710b14e07a4b4612498b4538b128b01e7ccfc04bd9394331a1889b8f31ce5ccf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
a0630ddfe3209d03510befd1d534d724

SHA1
04e634e7bc6635eb6529be49c455045fc67eacdd

SHA256
b650754afa49f335a58b7350f8a7db94602d21e54418e48e79c71b69eb22a804

SHA512
0c211f8f64c98f26bac939ea8677c37770c0a69096cd898736509278b58212b4b1e025a21ed3e23ec63836ef16bfec646fc78beed8a1d26034e247b868237ef4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
74062aee1b5acab49a906ab36b04f127

SHA1
d34f9010faec0e1b6fc5e6660e3f77033c7a7b72

SHA256
b0951bdf34d05fae1afc85e0e37d47860400788f5152e8741b12e993b99f801e

SHA512
2c5bb5e9f244bce9f88511dec1d844c8f3a33ec3a12d02dffabd5b2a75619a27fc899264c7955f485f4245ff210d85aec5457091a7b6f9aef7bda40837f7b4bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
395178b1c7abfe4e155e1cf07771a36e

SHA1
a1a8af3ca3366a4a2f4d8c1e7cd85d58d527ba3f

SHA256
aa566f05d04495172ba2e4555a862f06cf1c906332eb67b947eacc488fd1d452

SHA512
5ed84bba5394b6ed3e98eda2cc9f69a43b07490b69327070393b75cb159d03b5c3529e5bae6688c6df2821d47f9b2080670a52f604b4232cde8673460b311dd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
343a1b0b7c9b4377899f0b55b1beca29

SHA1
72fcb4388590c149b300958a1cf8a54892f7da01

SHA256
893271911b5f4520522c55435b643720a756395c87db3b509023ca930668747c

SHA512
0ee512052fad79d04d3b14641c2cc831b173ae6239917fb99700825104a78e4b090a74051438b4629e92e3e9f44e16adc8938685a48ed42dccce018644640d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
7dccace9555c27a0232b327ff181c1e3

SHA1
68eaa38d3fb64eb17297f51c69c10c11d848453d

SHA256
9c63b978cec562beae567545af33acacf701d71d6fa8d24a644cca431cea374e

SHA512
6c9c7a56bd9ae35515195cb0415447f8601b729f995e08b2c7e5fcbc20cb83b08e5df63219746d8651c0dcf784f7bef832f72566754b03b9315f980bb863d6dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
7180086aa4dc4f8baab7ff606c90ee07

SHA1
d06459bc6410d018aa7411743b3d9be8345d3296

SHA256
f42b4d6c781fdbca6b16ef80aa2538953eeaf5d597819525e68eb034f026c784

SHA512
9452eea6cf9df3879c4ecfb9b972e264300e38ee565d19d93958db554aecf33b6d1d0bc09f3ce5c30284c02b17bbeeadf82437ae09d7d5d64bcbba45843ef606

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
9e53f9b88622778cece60bfca0875234

SHA1
d6fa8c9fbd1c914187427950c52788ac26c1d8b8

SHA256
923d690dbfceb10df4e0019fccc10db0e27bcce7b87288233c5110fa8f840b39

SHA512
541feadb7edf22c17f87296826404af1439b567c1735307a6e071e2841a654460a25e3141259bafd0b049e8765949836bbbca5a70ddde70fdb01d47862eb2ecf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
5a8805532135ed818f9c04886b89dbdb

SHA1
96cf2a8a344d40f767ffeec060b7637299f6b701

SHA256
f6ac4b0c44b5d2d5a3c2952f0bb57ded6f1830ab387f22c576816350326ac63a

SHA512
ef6c600507163066a109485f4bf68af35be954c8a4e74108ac7b9725c35a76930ea6c027bf8f3e848ae303faf2bb6e31f232487ba9be3979677820c7e5fce98c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
198B

MD5
c79dc9879fac5d5c64ce74b86e43e1d9

SHA1
e1027badc9ce4672b1dccf1d55ee0f1aa0a4208f

SHA256
77307cabe3838f75134aaa50c9f86eb226d30a8e8473b64048f0712e6fcde3e3

SHA512
8fbccf6aedf815484e464768184af986248d3509ef41970ae15cc333b03ee44086f77368437cf8e0a82831b53ff2ff92125262628ea612923d02effe5a4e077c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
006f0f51729530450f7f648ef61f66cf

SHA1
45c9a180887e69c5617f62995bf0e1d312f26f2a

SHA256
5eda842eb3dd275ca5bf4c30c8f21adbcebf5266607703effdc764794428bf68

SHA512
3b4a917ee8a41ac533fe62352570fb1c2e080de8654301f08c133b78fb5ada01154ff5ffad6d3993694d6edfe05f04be193a7f925e7031c9ec3d65c1ae8436c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
191B

MD5
8b4764c9469d98220b0171e44aca5dc7

SHA1
42bdd521d4367f2dc9b353a9f8914bb39105b3d9

SHA256
05c3b4a027ff4ae7db002ffbf923bf6f103abd0f3c7544a0cb2b364432474ddd

SHA512
d25630fa813bc3415c5709b4025f9f294249a186fa529e7a065b0783a5e07254254dfe1c619f50003a89da1254ca6514aeb11f409eb4a8a0ca484f91b26677c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579eff.TMP

Filesize
119B

MD5
b9a938ecc2510d1f2c3684390505f3d9

SHA1
f99458a5db81f7f176f1b3aa61e60fc2b3d51097

SHA256
78271b2d13d55c086316d4e7e6ff8832fac8727f3d7754c11acd4f33f628c6ed

SHA512
b8cd41808e8f8edb92236968d2e96dacb579303095656293972ee4585f2d38bf41fa53f4ff213200e63f3f23669d5883ddca2be1e64d54d59031e214c484dbe7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log

Filesize
3KB

MD5
6aa5939407aab51330941c956875d175

SHA1
46e234813e27506810ff3581e6d330e30a92ed9a

SHA256
467e9b19e2bce022c1248265639dd68be3b525ada5d084684f1ce07ad71e9f90

SHA512
9e6f328c548674d60bd07771b3e1b04c251724e0a10e6c6bb3fe6ccafa405b6b4c70c9b7cbc187cc5ac1bffa6abd0298abf434edb4171b00ac8202a8cf4e0a4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
333B

MD5
813c9998567ab0b68ea6724bbffb9efa

SHA1
6fabd129ad04d15673e130a2026a8e378b774c28

SHA256
b87f3cfa61074741203452880b254a20200d2b248c17c51e16ca9ac7be3bd368

SHA512
432f3cd85fd2890defb8f6d837879016d44cb390c6bee918476056cef3e4b5f4191eb0961b12cc7b63fcdb074ad36e80580d7f82af6a3a72e1809cd256f14bdf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
89b690b7d48acf4d59421a9db0459e67

SHA1
1072c9a216a4d32a4c8cae10abf7e2140fa28a93

SHA256
f75f2d7a3ddf0aa4ff01325b4bd21cf7bf19da822347d5192a9ad0cb545c6c48

SHA512
11aced055f93c3605c47af721ec96732aba8b5a1f46d363d788189982673dbbf9f6e794abc25b7cb1ad78f7d893032439637c639fc48f9224bb4222255be9d20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ba9e49a88514b07ddeec12c160ce6dbf

SHA1
d692248c0b894b4f8802955446c70647482811c6

SHA256
e4c992da936bb76cc4875d3713bef30c60474a7941582299fc260d663adf40e3

SHA512
31a58d7383b68c60568ae2dbd6a32fdb1e4a8bbc3d1ac269ca48cbc0f9f304f047025e58af103ebc1f322710d0ef76ed2391ca33c4af447d56ac227cca5683a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57a5e5.TMP

Filesize
48B

MD5
3867671a46904fc8aedcc73ced814b3b

SHA1
25103bfb4cf161fe112c2271d57ce465872d4a87

SHA256
a9f5e2f8e4ac0b5bba054bdf92a6c70a036353129ebc34a651c4b61c7e9270f9

SHA512
bfc59598a8485f0320bfcf59c42f0f760434c0658180943459cc97ad9c2dc18c537ffbf96c18ae3cb4bd7abef9533e5d1f6f0120675ad11a40ee745879c8d3a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13389279945670611

Filesize
2KB

MD5
bc4add1a96657d9689d6e69b849ab1b3

SHA1
c33075abb6f30812ee19807074e3bfc47c4c0c66

SHA256
b514a18880c597afa4139956ec304147c56290196371310f77f389b6f8040d69

SHA512
9c7c232ad54fdb3b7a5b9fa1316cb1e1e6ae7e02e88415949e6ac364bf2296f2c85332fcdbbc022cf04d09c7cd86d733dba9b16bee882fbb7a42435d23b3f246

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
176f150323efb4441b350c1d0feeabe3

SHA1
1661421fce2a4c027a552a882a1979386b52f768

SHA256
3f505f8539cdb04e4fa3c4b760edcdb06e665b060c8c478b5f8d5fcecf8797ab

SHA512
e8143e0210e494979c8f88252c32d7c0ec9b3e1a4dc125659f16135cbe6bd68347ca22f68e0c3907714793140ddb93ad5729e808692de6aabb1e09957f76dcd3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
da7abf84da80d0dc2e47f7412995273d

SHA1
17fa447377f0f681c8cb540a834cc6ad7b9cc360

SHA256
c3964eed9bc28f57aa0d827a2bbea09949bcad70038d858c740a1a8e46f17e89

SHA512
b6ab74c9afa337dafee85ff9da443ae73f136bc0667555777fa2bec638c3cd8ceda978b72f5f62986f73c68341782e89fb2057b226cafcf7363b6da793ed626f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
3b4a2bd05bbaa6bd18ad3411013ea052

SHA1
e9102055ba877971ff21b5b58829dce2555caf95

SHA256
7954a35dcf47f95abe090e8880b7b17a273eaff42596aa2b9b7c7d392b064893

SHA512
1fcad1850743e8366b314d5c2460c465b8d8532b6b484e758a9edfac18e4b28a75232e76cbe546416c47ea1e08459ba2e8384647159ddbf6a8488adee83c3687

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt

Filesize
76B

MD5
46cb7641be727eb4f17aff2342ae9017

SHA1
683a8d93c63cfa0ccbf444a20b42ae06e2c4b54d

SHA256
944fff1dd6764143550534f747243ef7d84fdac0642c94135ab40f584520f63e

SHA512
dc1b5f363e90abff5c1663a82764296922c842820d2819805e87da6da1081f1b5f2d8debc83ac34a26ce289b7b22588b022433686b19b039074ae184968b9fda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\CacheStorage\index.txt~RFe590620.TMP

Filesize
140B

MD5
3b461b331c41d7d85e6f6e0d42db54d8

SHA1
4159dee76afd0bf97582a5ff5b364fa9ae32c3ae

SHA256
8bbecf3d6b6d370bad988edbd86e29bf39c255f44660863d4a17562a4b71758e

SHA512
d4041ce4f08b55f01e7942095f16c2b6616b3903f8df82796bc32e66a6764eb847b19f5ee85e2f4ff6609e52ac15d137e0cdf90300f254695e5c98bead769cf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\3\IndexedDB\indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\ff31efab-26c8-4675-9b10-c28cba4c5b9b\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt

Filesize
85B

MD5
1a7f412cfc1e572d1d4cb8c42b629d66

SHA1
bad9d40c8d4bc02a2383b1dd829d5505dfc96b59

SHA256
2b80e0aa515426c9168d988b158063d562ce60e38245147864df5d213b5ba0f1

SHA512
18b863fbfc2bc0cd7dceb236942498394eccd089af9082174f46e2a52ba1c296361de3627fe83dbc40fcfb3d77529b4beb8e55dc6639666caff06247a2136d60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\4\CacheStorage\index.txt~RFe5919d7.TMP

Filesize
149B

MD5
a28bff627bd448a60b820aea171281b3

SHA1
0c8a81844abb59787e782235a42f2fe03b606be7

SHA256
5e5e78dc515fdfbe85f7bda94c8e58592b62060ee8dab75b83a508608315dcd7

SHA512
b760ebfb92c17a5b18d7e353c2ca05b6bd2e64d2f25c8bb60f4f5da8527cff83cb2a120e5e673600869307afa818d384c9c757e5c9e59884a8575d58c74ab165

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager

Filesize
40KB

MD5
eac2214cb787a8140a60b5780ed40088

SHA1
485330590fe47d995c060829c168ae5e4b6040d1

SHA256
0a824e8a5de7e80d6849f0d60042deb7ef9d03a24f8ff3329aad711719316ca1

SHA512
899716d787209b7981c286b788b01a1dff46b94ec728c5dc7cc5b228f69c4bb3c5b6226eea455f442dba5ab0218ab4b7226af66bc255b9856dbf1010b0002afb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
20KB

MD5
9f57850ac036c85512aa6d5f757b3a4f

SHA1
a9328fb56850e73319c8e912d0636780a865290f

SHA256
57a13b97d89acb06591173f6c7264ca142003c8255e219dbfb81cc0234499d7e

SHA512
56b1d4d438ba7db186636add2309039ddfca8a6127d4a76b6e7938c9b595ce5bb86c145d11193337313f51da80a01e651076fae498af7b62ce7657ed1c70a494

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
320B

MD5
08f36ccf61e7855cdb4336ccf226cce1

SHA1
69b84e9ab4c0f611e0fc3c2e104c8c906b422845

SHA256
24ae6c2855fae21e763db64ab5dfc34ab7e6c7ffc65cebf461e379e417879837

SHA512
5622d5eca1011883382ea83856be085dafb8a9b2f3661a9384858d18beebe440d6f6f50e06bb3c3376c98823f0c97423d1c97f9ea9d4ba53fa930c0643fb31e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
e222c9de96e08039f9c730c361ed08d2

SHA1
c049bff745e5de951064a701e59ab13dabb3d207

SHA256
87f596cb5e5e67299a8678b722bda0fd506551f6b885a2d92650a956d14b7b49

SHA512
ad4150543f28812fcf249d231f7f7784d611c7e2a334c9ce3f30022b670d1c8421af8a3ae48ad49c2ae4afdfabf9c8a59045d8666a4c2dd0b855ab45382f6b52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
338B

MD5
448b2a78b3b96c6b8bacbafc7e5c593f

SHA1
6a36ac2fd0cc03056360885d72b6a3e733a6212a

SHA256
dbc17326210e8a1ee003ab380ff079c637de3e960aaa31e9bfef4b00bb18a3ba

SHA512
bcb0121fc19435036a3f881ea666021dcb378666c832d4516af3317ece96e61f80a56efc0ce7f3908a193491c1211fcf5ef496b32796ddebb36fd4fa67872421

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
13B

MD5
a4710a30ca124ef24daf2c2462a1da92

SHA1
96958e2fe60d71e08ea922dfd5e69a50e38cc5db

SHA256
7114eaf0a021d2eb098b1e9f56f3500dc4f74ac68a87f5256922e4a4b9fa66b7

SHA512
43878e3bc6479df9e4ebd11092be61a73ab5a1441cd0bc8755edd401d37032c44a7279bab477c01d563ab4fa5d8078c0ba163a9207383538e894e0a7ff5a3e15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
154KB

MD5
094efcbd91c0933aed42d14616712f77

SHA1
a108ed8326cd0c6bcbe793cca4350d52970ebb4a

SHA256
1945928fe6339734282837e66918cc0e20cd936d35c9024737a68e0afe4c5bbc

SHA512
779d5ed5bdaa2bbe28b4b578d10885e3db6adf2ec152ffc0e048f8bf63d2356665275849b54e9e8531ba1d66529e85a1d9c2acbb5213701a1b5636ddf3a47d65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
154KB

MD5
af2ecb1d53d387752f1f9e28ecf6fab0

SHA1
4d3165e938152eed32d750db85cbbf8ed938d1da

SHA256
8b026d67e1fdc6d8a0f0d7a296a334b8baff72b3067c47db13421c6416d1e8c5

SHA512
32673ea03ece91b03e72f4a12654c69c0f7d9ae606783f07842f1029afd7546e355fb3aa144081a935557f7a0d909c8fc17b4ead381f4db0da630f6c794d2590

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
945daf0a9c711c7cfcf62f86dba70bcb

SHA1
75addf00d639fdf68feab9f54d7e9d250b77482e

SHA256
8919541802401504a5182a8ebe260ed79e48cff303f9c80f8782a1d56f830f7d

SHA512
5e8b13e7e536e11362901bd4c291033cbfef0efaa2a07a08ab94f9894573ad0f11748245787b7756b24441153a4b5cb313608fa85961cf4deb7165625abcf813

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
8549c255650427d618ef18b14dfd2b56

SHA1
8272585186777b344db3960df62b00f570d247f6

SHA256
40395d9ca4b65d48deac792844a77d4f8051f1cef30df561dacfeeed3c3bae13

SHA512
e5bb8a0ad338372635c3629e306604e3dc5a5c26fb5547a3dd7e404e5261630612c07326e7ebf5b47abafade8e555965a1a59a1eecfc496dcdd5003048898a8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\nslD1B5.tmp\System.dll

Filesize
22KB

MD5
a36fbe922ffac9cd85a845d7a813f391

SHA1
f656a613a723cc1b449034d73551b4fcdf0dcf1a

SHA256
fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0

SHA512
1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b

Download Submit
C:\Users\Admin\AppData\Local\Temp\nslD1B5.tmp\modern-wizard.bmp

Filesize
150KB

MD5
3614a4be6b610f1daf6c801574f161fe

SHA1
6edee98c0084a94caa1fe0124b4c19f42b4e7de6

SHA256
16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b

SHA512
06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

Download Submit
C:\Users\Admin\AppData\Local\Temp\nslD1B5.tmp\nsDialogs.dll

Filesize
20KB

MD5
4e5bc4458afa770636f2806ee0a1e999

SHA1
76dcc64af867526f776ab9225e7f4fe076487765

SHA256
91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0

SHA512
b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 677864.crdownload

Filesize
2.3MB

MD5
1b54b70beef8eb240db31718e8f7eb5d

SHA1
da5995070737ec655824c92622333c489eb6bce4

SHA256
7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

SHA512
fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

Download Submit