Analysis Overview
SHA256
f6553af26bd26235d620d64515b1742f62728fb672a68eee43977452ee3da63c
Threat Level: Known bad
The file YammyLoader.bin.zip was found to be: Known bad.
Malicious Activity Summary
44caliber family
44Caliber
Downloads MZ/PE file
Executes dropped EXE
Reads user/profile data of web browsers
Reads local data of messenger clients
Checks computer location settings
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Looks up external IP address via web service
Legitimate hosting services abused for malware hosting/C2
Accesses cryptocurrency files/wallets, possible credential harvesting
Program crash
Enumerates physical storage devices
Suspicious use of WriteProcessMemory
Suspicious use of SendNotifyMessage
Suspicious use of FindShellTrayWindow
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Modifies registry key
Suspicious use of AdjustPrivilegeToken
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Checks SCSI registry key(s)
Opens file in notepad (likely ransom note)
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2022-05-24 05:49
Signatures
44caliber family
Analysis: behavioral1
Detonation Overview
Submitted
2022-05-24 05:49
Reported
2022-05-24 06:07
Platform
win10v2004-20220414-en
Max time kernel
1061s
Max time network
1065s
Command Line
Signatures
44Caliber
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Discord\Update.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe | N/A |
Loads dropped DLL
Reads local data of messenger clients
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe --processStart Discord.exe" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000\Software\Microsoft\Windows\CurrentVersion\Run | C:\Windows\SysWOW64\reg.exe | N/A |
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | freegeoip.app | N/A | N/A |
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\WerFault.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\Description\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\~MHz | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1\ProcessorNameString | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9004\\Discord.exe\" --url -- \"%1\"" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{6DC7BF09-966A-4237-8F4A-76CEB03F63EF} | C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{94C262E0-CF2C-4690-9670-182EE6E3C01F} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\shell | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\shell\open | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\URL Protocol | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9004\\Discord.exe\",-1" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{2CD7AC62-D0F1-4F5A-9915-353D76CD5C16} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{EC45036A-254E-40B6-B62D-F41850A9518D} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\DefaultIcon | C:\Windows\SysWOW64\reg.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\ = "URL:Discord Protocol" | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1081944012-3634099177-1681222835-1000_Classes\Discord\shell\open\command | C:\Windows\SysWOW64\reg.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{60F3879B-8665-46FD-BAAE-9A1A83730AFF} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1081944012-3634099177-1681222835-1000\{DEF80DD4-9CA5-4A58-BA2A-EA2C53A6BBAD} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry key
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\reg.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -pss -s 452 -p 4340 -ip 4340
C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 4340 -s 2264
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff60e9aa890,0x7ff60e9aa8a0,0x7ff60e9aa8b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,6894021259147510302,14399291918490709610,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2724 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4e4 0x4e0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,6894021259147510302,14399291918490709610,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:8
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Files\ShowUnblock.txt
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\8a89993c11ec4964bfb4d4176f5ed069 /t 1920 /p 4452
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Passwords.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffce3344f50,0x7ffce3344f60,0x7ffce3344f70
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1760 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1664 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2420 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2900 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4560 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4688 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4712 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3108 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5536 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5492 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4564 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4596 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4500 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1644,2360941967557306607,1413822663986001516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3752 /prefetch:8
C:\Users\Admin\Downloads\DiscordSetup.exe
"C:\Users\Admin\Downloads\DiscordSetup.exe"
C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe
"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --squirrel-install 1.0.9004
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9004 --annotation=prod=Electron --annotation=ver=13.6.6 --initial-client-data=0x470,0x474,0x478,0x46c,0x47c,0x74c3850,0x74c3860,0x74c386c
C:\Users\Admin\AppData\Local\Discord\Update.exe
C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=gpu-process --field-trial-handle=1752,13984763208074059111,9946599753597763014,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1756 /prefetch:2
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1752,13984763208074059111,9946599753597763014,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "C:\Users\Admin\AppData\Local\Discord\Update.exe --processStart Discord.exe" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --squirrel-firstrun
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9004 --annotation=prod=Electron --annotation=ver=13.6.6 --initial-client-data=0x468,0x46c,0x470,0x464,0x474,0x74c3850,0x74c3860,0x74c386c
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=gpu-process --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1776 /prefetch:2
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2468 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\resources\app.asar" --no-sandbox --no-zygote --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2656 /prefetch:1
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe\",-1" /f
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe\" --url -- \"%1\"" /f
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-compositing --lang=en-US --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\resources\app.asar" --no-sandbox --no-zygote --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1 --enable-node-leakage-in-renderers
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3936 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4004 /prefetch:8
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /q /d /s /c "C:\Program^ Files\NVIDIA^ Corporation\NVSMI\nvidia-smi.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discordapp.com/handoff?rpc=6463&key=3f010f91-88e6-4cc6-a6af-62a13c04fed6
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcf34f46f8,0x7ffcf34f4708,0x7ffcf34f4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2448 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3176 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5312 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,2644170729340229032,3478762839298461031,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4968 /prefetch:8
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=gpu-process --field-trial-handle=1768,306161437144464174,9698286252545312590,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3408 /prefetch:2
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe query HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord
C:\Windows\SysWOW64\reg.exe
C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "C:\Users\Admin\AppData\Local\Discord\Update.exe --processStart Discord.exe" /f
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Users\Admin\AppData\Local\Discord\Update.exe
"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe"
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://sentry.io/api/146342/minidump/?sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord Inc." --annotation=_productName=Discord --annotation=_version=1.0.9004 --annotation=prod=Electron --annotation=ver=13.6.6 --initial-client-data=0x488,0x48c,0x490,0x484,0x494,0x74c3850,0x74c3860,0x74c386c
C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe
"C:\Users\Admin\AppData\Local\Discord\app-1.0.9004\Discord.exe" --type=gpu-process --field-trial-handle=1692,1567961433434856060,17304000717249419923,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,HardwareMediaKeyHandling,MediaSessionService,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1704 /prefetch:2
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\chrome_installer.log
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Discord\Local Storage\leveldb\000004.log
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Passwords.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Browsers\Cookies_Google(41).txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Information.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Roaming\44\Process.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe
"C:\Users\Admin\AppData\Local\Temp\YammyLoader.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5600 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8268 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8252 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8700 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7852 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9816 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8424 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --disable-databases --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1608,11059032530156101135,3451314669241531271,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5348 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 209.205.206.178:443 | s.console.adtarget.com.tr | tcp |
| NL | 142.250.179.166:443 | s0.2mdn.net | tcp |
| NL | 23.208.79.40:443 | tcp | |
| NL | 185.33.220.244:443 | tcp | |
| IE | 18.203.96.5:443 | tcp | |
| US | 23.227.139.243:443 | sync.console.adtarget.com.tr | tcp |
| NL | 142.250.179.170:443 | udp | |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 18.65.39.66:443 | js.adscale.de | tcp |
| US | 23.227.139.243:443 | tcp | |
| DK | 37.157.2.238:443 | tcp | |
| NL | 142.250.179.166:443 | udp | |
| NL | 216.58.214.14:80 | redirector.gvt1.com | tcp |
| NL | 213.19.147.44:443 | tcp | |
| FR | 185.86.137.107:443 | ssbsync-global.smartadserver.com | tcp |
| DE | 85.114.159.118:443 | tcp | |
| FR | 185.183.112.148:443 | sync.adotmob.com | tcp |
| FR | 185.86.137.110:443 | rtb-csync.smartadserver.com | tcp |
| FR | 185.86.137.110:443 | rtb-csync.smartadserver.com | tcp |
| US | 50.31.142.31:443 | tcp | |
| US | 34.205.3.24:443 | tcp | |
| IE | 52.30.137.28:443 | tcp | |
| US | 54.159.94.231:443 | tcp | |
| US | 150.136.26.45:443 | tcp | |
| US | 169.197.150.8:443 | match.deepintent.com | tcp |
| US | 50.31.142.63:443 | tcp | |
| DE | 3.64.157.79:443 | tcp | |
| CH | 185.29.132.241:443 | tcp | |
| US | 198.148.27.140:443 | bh.contextweb.com | tcp |
| IE | 52.210.15.1:443 | tcp | |
| US | 151.101.2.49:443 | tcp | |
| US | 8.8.8.8:53 | dns.google | udp |
| DE | 74.125.160.40:80 | r3---sn-4g5lznes.gvt1.com | tcp |
| NL | 142.251.36.14:443 | udp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 142.250.179.163:443 | update.googleapis.com | udp |
| US | 151.101.2.49:443 | tcp | |
| US | 8.8.4.4:443 | dns.google | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.14:80 | redirector.gvt1.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| DE | 74.125.162.198:80 | r1---sn-4g5ednds.gvt1.com | tcp |
| NL | 142.250.179.163:443 | update.googleapis.com | udp |
Files
\??\pipe\crashpad_3848_AWPHMDCFDWBHCDUX
C:\Users\Admin\AppData\Local\Microsoft\Windows\Caches
C:\Users\Admin\AppData\Local\44
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\YammyLoader.exe.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cookies
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx
C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock
C:\Users\Admin\AppData\Roaming\44\Files\ShowUnblock.txt
C:\Users\Admin\AppData\Roaming\44\Passwords.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\GPUCache\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
\??\pipe\crashpad_1660_RJKLVELQQCREERNE
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences