Malware Analysis Report

2024-11-30 15:50

Sample ID 221018-kvj1bsfdfp
Target Mercurial.Grabber.v1.03.rar
SHA256 3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6
Tags mercurialgrabber evasion spyware stealer
Score 10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V6

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 10/10

SHA256 3759744039346620e9613f40f90e8f318e5f54ad49c070e2bd23b667f7e65bf6

Threat Level: Known bad

The file Mercurial.Grabber.v1.03.rar was found to be: Known bad.

Malicious Activity Summary

mercurialgrabber evasion spyware stealer

Mercurial Grabber Stealer

Looks for VirtualBox Guest Additions in registry

Downloads MZ/PE file

Looks for VMWare Tools registry key

Executes dropped EXE

Checks BIOS information in registry

Reads user/profile data of web browsers

Maps connected drives based on registry

Looks up external IP address via web service

Legitimate hosting services abused for malware hosting/C2

Drops file in Program Files directory

Program crash

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious behavior: GetForegroundWindowSpam

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Checks SCSI registry key(s)

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Modifies registry class

Suspicious use of WriteProcessMemory

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2022-10-18 08:55

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-10-18 08:55

Reported

2022-10-18 09:05

Platform

win10v2004-20220812-en

Max time kernel

598s

Max time network

603s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Mercurial.exe"

Signatures

Mercurial Grabber Stealer

stealer mercurialgrabber

Looks for VirtualBox Guest Additions in registry

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\Oracle\VirtualBox Guest Additions C:\Users\Admin\Downloads\png-handler.exe N/A

Downloads MZ/PE file

Looks for VMWare Tools registry key

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SOFTWARE\VMWare, Inc.\VMWare Tools C:\Users\Admin\Downloads\png-handler.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\Downloads\png-handler.exe N/A

Reads user/profile data of web browsers

spyware stealer

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service

Description Indicator Process Target
N/A ip4.seeip.org N/A N/A
N/A ip-api.com N/A N/A

Maps connected drives based on registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\Disk\Enum C:\Users\Admin\Downloads\png-handler.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\disk\Enum\0 C:\Users\Admin\Downloads\png-handler.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File opened for modification C:\Program Files\Google\Chrome\Application\89.0.4389.114\readme.txt C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files\Google\Chrome\Application\89.0.4389.114\Mercurial.exe C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File opened for modification C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\manifest.json C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File created C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecoveryCRX.crx C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File created C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File created C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\manifest.json C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File created C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\_metadata\verified_contents.json C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A
File opened for modification C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\_metadata\verified_contents.json C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_VMware_&Prod_VMware_Virtual_S C:\Users\Admin\Downloads\png-handler.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Users\Admin\Downloads\png-handler.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\Downloads\png-handler.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemManufacturer C:\Users\Admin\Downloads\png-handler.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemProductName C:\Users\Admin\Downloads\png-handler.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\Logical Unit Id 0 C:\Users\Admin\Downloads\png-handler.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosInformation C:\Users\Admin\Downloads\png-handler.exe N/A

Modifies registry class


Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Mercurial.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Mercurial.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Mercurial.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Mercurial.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\png-handler.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2228 wrote to memory of 732 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2228 wrote to memory of 544 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2228 wrote to memory of 4944 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2228 wrote to memory of 4608 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Mercurial.exe

"C:\Users\Admin\AppData\Local\Temp\Mercurial.exe"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -pss -s 424 -p 3476 -ip 3476

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 3476 -s 780

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff3c234f50,0x7fff3c234f60,0x7fff3c234f70

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1700 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2016 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2292 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2836 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4508 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4648 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4636 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4936 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5160 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5300 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5328 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3680 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 2220 -ip 2220

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1568

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6004 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7284 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6952 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 384 -p 2220 -ip 2220

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 1568

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7604 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7840 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Users\Admin\Downloads\Mercurial.exe

"C:\Users\Admin\Downloads\Mercurial.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\pz25rzrz\pz25rzrz.cmdline"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RES3692.tmp" "c:\Users\Admin\Downloads\CSCE4A685892F5D49918A3764DEA0751B4E.TMP"


C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9292 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10472 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12880 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 6400 -ip 6400

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6400 -s 3012

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 6400 -ip 6400

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 6400 -s 3184

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10016 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7944 /prefetch:1

C:\Users\Admin\Downloads\png-handler.exe

"C:\Users\Admin\Downloads\png-handler.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12848 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12324 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12760 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12924 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9300 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9976 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11792 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4b0 0x478

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12872 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9200 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9528 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13020 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13000 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13412 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13392 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13708 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=176 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13652 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9168 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13224 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=179 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=12328 /prefetch:8

C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe"

C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe

"C:\Program Files\Google\Chrome\ChromeRecovery\scoped_dir8076_1016753805\ChromeRecovery.exe" --appguid={8A69D345-D564-463c-AFF1-A69D9E530F96} --browser-version=89.0.4389.114 --sessionid={a6ff787a-4cf9-443f-bfed-69af9bdc373d} --system

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13284 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13000 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13224 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=14060 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10416 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13992 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13180 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=14164 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=191 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8436 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=192 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13900 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=13276 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13548 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1636,8864995424912383309,6005886904650576238,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13616 /prefetch:1

Network

FR 141.94.171.215:443 tcp
NL 104.126.124.21:443 tags.bluekai.com tcp
CA 185.80.39.216:443 tcp
CA 185.80.39.216:443 dsum.casalemedia.com tcp
US 204.79.197.200:443 tcp
US 204.79.197.200:443 tcp
US 209.197.3.8:80 tcp
US 8.8.8.8:53 teams-ring.msedge.net udp
US 52.113.196.254:443 teams-ring.msedge.net tcp
US 8.8.8.8:53 fp-afd-nocache.azureedge.net udp
US 13.107.219.67:443 fp-afd-nocache.azureedge.net tcp
US 8.8.8.8:53 t-s1-ring.msedge.net udp
US 13.107.228.254:443 t-s1-ring.msedge.net tcp
US 74.118.184.142:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
NL 72.251.249.13:443 ap.lijit.com tcp
NL 185.89.210.212:443 tcp
US 34.236.43.246:443 tcp
FR 185.86.137.17:443 prg-apac.smartadserver.com tcp
US 8.8.4.4:443 dns.google udp
NL 142.250.179.163:443 update.googleapis.com tcp
US 8.8.8.8:53 edgedl.me.gvt1.com udp
US 34.104.35.123:80 edgedl.me.gvt1.com tcp
US 8.8.4.4:443 dns.google udp
US 35.201.124.40:443 tcp
NL 172.217.168.227:443 beacons.gvt2.com tcp
US 104.20.67.143:80 tcp
US 216.239.32.36:443 udp
NL 142.250.179.163:443 udp
US 140.82.114.4:443 tcp
US 140.82.114.4:443 github.com tcp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 sb-ssl.google.com udp
NL 142.251.36.14:443 sb-ssl.google.com tcp
US 104.20.67.143:80 tcp
NL 172.217.168.194:443 udp
NL 142.250.179.130:443 udp
NL 185.89.210.212:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
NL 72.251.249.13:443 ap.lijit.com tcp
NL 185.89.210.212:443 tcp
FR 185.86.137.17:443 prg-apac.smartadserver.com tcp
US 184.72.104.46:443 tcp
US 74.118.184.143:443 tcp
US 74.118.184.143:443 tcp
US 74.118.184.143:443 tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.4.4:443 dns.google udp
US 3.228.253.110:443 tcp
US 3.230.15.144:443 tcp
NL 142.250.179.170:443 safebrowsing.googleapis.com tcp
NL 142.250.179.130:443 udp
US 8.8.8.8:53 secure.adnxs.com udp
DE 37.252.172.123:443 secure.adnxs.com tcp
GB 66.155.71.25:443 tcp
US 52.223.40.198:443 tcp
NL 142.251.36.1:443 udp
NL 142.250.179.142:443 safebrowsing.google.com tcp
NL 178.250.2.146:443 gum.criteo.com tcp
NL 178.250.2.146:443 gum.criteo.com tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 54.225.184.91:443 tcp
NL 142.250.179.170:443 udp
US 3.230.15.144:443 tcp
US 199.127.204.142:443 tcp
US 192.184.69.252:443 tcp
AU 3.105.144.226:443 tcp
US 3.226.18.175:443 tcp
US 34.237.81.207:443 tcp
AU 3.105.144.226:443 tcp
US 3.218.231.183:443 tcp
DE 52.59.108.23:443 tcp
FR 185.86.139.114:443 sync.smartadserver.com tcp
NL 185.94.180.126:443 tcp
US 64.202.112.63:443 tcp
DE 3.126.56.137:443 ups.analytics.yahoo.com tcp
DE 18.158.247.155:443 tcp
US 192.132.33.46:443 tcp
US 52.89.174.73:443 tcp
US 52.89.174.73:443 tcp
US 20.42.72.131:443 tcp
US 8.8.4.4:443 dns.google udp
NL 142.251.36.14:443 sb-ssl.google.com tcp
NL 142.250.179.142:443 google.com tcp
NL 142.251.36.35:443 beacons.gcp.gvt2.com tcp
NL 142.251.36.35:443 tcp
NL 142.251.36.35:443 tcp
NL 142.251.36.14:443 sb-ssl.google.com tcp
US 172.217.197.94:443 beacons2.gvt2.com tcp
NL 142.251.39.97:443 lh5.googleusercontent.com tcp
US 172.217.197.94:443 udp
US 172.67.159.133:443 tcp
US 172.67.159.133:443 tcp
US 8.8.4.4:443 dns.google udp
NL 142.251.36.42:443 translate.googleapis.com tcp
US 34.104.35.123:80 edgedl.me.gvt1.com tcp
NL 216.58.214.14:443 consent.google.com tcp
NL 142.251.36.14:443 sb-ssl.google.com tcp
NL 216.58.208.110:443 apis.google.com udp
NL 142.250.179.170:443 udp
NL 142.251.36.14:443 sb-ssl.google.com udp
DE 176.9.21.46:443 tcp
DE 136.243.171.216:443 tcp
NL 216.58.208.110:443 apis.google.com udp
NL 157.240.247.8:443 tcp
NL 142.251.39.106:443 content-autofill.googleapis.com tcp
DE 176.9.21.46:443 id.123apps.com tcp
US 142.251.16.120:443 csi.gstatic.com tcp
US 142.250.102.156:443 stats.g.doubleclick.net tcp
NL 142.251.36.3:443 www.google.nl tcp
NL 142.251.36.1:443 udp
NL 142.250.179.163:443 udp
NL 172.217.168.194:443 udp
US 52.70.86.138:443 tcp
NL 142.250.179.162:443 udp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
NL 185.83.142.19:443 tcp
CA 185.80.39.216:443 tcp
NL 142.250.179.130:443 udp
US 142.251.16.120:443 udp
US 44.194.193.183:443 tcp
US 44.194.193.183:443 tcp
US 44.194.193.183:443 tcp
NL 65.9.86.104:443 static.adsafeprotected.com tcp
NL 142.251.36.2:443 googleads4.g.doubleclick.net tcp
NL 142.250.179.134:443 s0.2mdn.net tcp
NL 142.251.36.2:443 udp
DE 136.243.171.216:443 s170.123apps.com tcp
DE 136.243.171.216:443 s170.123apps.com tcp
NL 142.251.36.35:443 udp
US 8.8.4.4:443 dns.google udp
NL 142.251.36.14:443 sb-ssl.google.com udp
NL 142.250.179.142:443 udp
US 216.239.32.36:443 udp
NL 172.217.168.227:443 udp
US 8.8.4.4:443 dns.google udp
NL 142.251.36.35:443 udp
NL 142.250.179.142:443 udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 udp
US 8.8.8.8:53 discord.com udp
US 162.159.128.233:443 discord.com tcp
US 74.118.184.143:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
NL 185.83.142.19:443 tcp
NL 185.83.142.19:443 tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
US 145.40.88.5:443 prebid.a-mo.net tcp
NL 216.52.2.48:443 ap.lijit.com tcp
NL 142.250.179.130:443 udp
NL 142.250.179.161:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 54.227.36.165:443 tcp
FR 185.86.137.114:443 prg-apac.smartadserver.com tcp
NL 185.83.142.19:443 tcp
NL 185.83.142.19:443 tcp
US 74.118.184.143:443 tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
NL 216.52.2.48:443 ap.lijit.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
JP 35.213.86.143:443 tcp
JP 35.213.86.143:443 tcp
NL 172.217.168.227:443 udp
NL 142.251.36.14:443 sb-ssl.google.com udp
US 173.194.194.94:443 id.google.com tcp
NL 142.251.36.14:443 sb-ssl.google.com udp
FR 151.80.29.83:443 tcp
FR 151.80.29.83:443 tcp
US 188.114.97.3:443 ad.plus tcp
FR 149.202.85.166:443 tcp
FR 51.38.43.18:443 tcp
FR 149.202.85.166:443 tcp
NL 65.9.86.93:443 cdn.intergient.com tcp
US 104.26.6.139:443 btloader.com tcp
NL 142.250.179.130:443 udp
US 104.26.2.70:443 ad-delivery.net tcp
US 104.26.2.70:443 tcp
NL 65.9.86.60:443 cdn.intergi.com tcp
NL 142.250.179.130:443 udp
NL 142.250.179.170:443 udp
US 216.239.32.36:443 udp
US 130.211.23.194:443 api.btloader.com tcp
NL 142.251.36.1:443 udp
NL 104.80.229.151:443 z.moatads.com tcp
NL 65.9.86.103:443 config.playwire.com tcp
NL 65.9.86.32:443 tags.crwdcntrl.net tcp
US 54.90.254.15:443 tcp
US 54.165.58.209:443 tcp
DE 141.95.33.111:443 id5-sync.com tcp
US 3.218.10.121:443 tcp
US 34.160.46.1:443 fid.agkn.com tcp
NL 142.251.39.106:443 udp
FR 31.14.70.246:443 tcp
US 3.227.250.154:443 tcp
US 3.227.250.154:443 tcp
NL 172.217.168.194:443 udp
US 3.227.250.154:443 tcp
NL 142.250.179.162:443 udp
US 35.227.252.103:443 rtb.openx.net tcp
US 35.190.60.146:443 id.rlcdn.com tcp
DE 3.126.163.185:443 tcp
GB 3.11.254.218:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
US 172.64.152.63:443 mp.4dex.io tcp
US 104.18.19.126:443 htlb.casalemedia.com tcp
US 34.149.20.76:443 ssc.33across.com tcp
US 34.149.20.76:443 tcp
US 34.149.20.76:443 tcp
US 34.149.20.76:443 tcp
GB 185.64.190.77:443 tcp
US 74.118.184.142:443 tcp
DE 35.158.179.242:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
US 3.214.130.52:443 btlr.sharethrough.com tcp
US 3.214.130.52:443 btlr.sharethrough.com tcp
US 3.214.130.52:443 btlr.sharethrough.com tcp
US 3.214.127.213:443 tcp
US 34.195.224.168:443 tcp
US 3.214.127.213:443 tcp
US 34.195.224.168:443 tcp
NL 104.81.141.9:443 tcp
US 34.149.40.38:443 u.4dex.io tcp
NL 23.2.211.147:443 secure-assets.rubiconproject.com tcp
NL 213.19.162.80:443 tcp
NL 178.250.2.130:443 static.criteo.net tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
NL 142.250.179.161:443 tcp
NL 142.250.179.161:443 cdn.ampproject.org tcp
NL 142.250.179.161:443 tcp
NL 142.250.179.161:443 tcp
NL 142.250.179.161:443 tcp
NL 65.9.86.66:443 public.servenobid.com tcp
NL 104.123.40.23:443 contextual.media.net tcp
DE 141.95.33.111:443 id5-sync.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 18.214.180.95:443 tcp
NL 216.52.2.48:443 ap.lijit.com tcp
US 199.127.204.171:443 tcp
NL 193.0.160.128:443 tcp
US 69.166.1.10:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
NL 216.52.2.48:443 ce.lijit.com tcp
DE 3.126.56.137:443 ups.analytics.yahoo.com tcp
US 138.197.50.103:443 tcp
US 138.197.50.103:443 x.yieldlift.com tcp
US 52.223.40.198:443 tcp
DK 37.157.4.23:443 tcp
US 192.132.33.46:443 tcp
DE 37.252.173.27:443 secure.adnxs.com tcp
CA 15.235.43.132:443 gu.dyntrk.com tcp
DE 37.252.173.27:443 secure.adnxs.com tcp
IE 54.154.199.204:443 tcp
NL 23.2.175.14:443 tcp
IE 63.32.210.84:443 tcp
IE 54.73.71.55:443 tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 50.31.142.31:443 tcp
DE 3.122.20.151:443 tcp
US 34.196.85.232:443 tcp
US 52.205.223.187:443 tcp
US 198.148.27.140:443 bh.contextweb.com tcp
US 193.122.130.38:443 sync.technoratimedia.com tcp
US 38.91.45.7:443 match.deepintent.com tcp
US 18.208.125.151:443 tcp
US 64.74.236.127:443 tcp
US 35.172.99.217:443 tcp
US 35.172.99.217:443 tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
FR 185.86.137.131:443 rtb-csync.smartadserver.com tcp
FR 185.86.137.131:443 rtb-csync.smartadserver.com tcp
US 44.209.207.157:443 tcp
JP 202.241.208.57:443 tcp
US 35.172.99.217:443 tcp
US 35.172.99.217:443 tcp
US 35.172.99.217:443 tcp
US 35.172.99.217:443 tcp
JP 202.241.208.57:443 tcp
US 192.184.69.167:443 tcp
NL 104.126.124.21:443 stags.bluekai.com tcp
US 50.31.142.31:443 tcp
US 172.217.197.94:443 udp
NL 142.251.36.35:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
NL 216.52.2.48:443 ap.lijit.com tcp
NL 142.250.179.134:443 udp
NL 104.109.249.82:443 sync.teads.tv tcp
NL 104.109.249.82:443 tcp
US 64.74.236.127:443 tcp
US 52.205.223.187:443 tcp
NL 142.251.36.2:443 udp
US 34.96.105.8:443 tr.blismedia.com tcp
NL 142.250.179.134:443 udp
RU 213.180.204.90:443 an.yandex.ru tcp
FR 162.19.80.91:443 c.eu1.dyntrk.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
US 67.202.105.34:443 de.tynt.com tcp
US 67.202.105.32:443 hde.tynt.com tcp
DE 3.122.20.151:443 tcp
NL 63.215.202.137:443 tcp
NL 193.0.160.128:443 tcp
US 34.117.239.71:443 events-ssc.33across.com tcp
US 34.117.239.71:443 tcp
US 34.117.239.71:443 tcp
US 34.104.35.123:80 edgedl.me.gvt1.com tcp
NL 142.250.179.163:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
US 172.98.26.245:443 pbjs.e-planning.net tcp
NL 142.251.36.35:443 udp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 142.250.179.130:443 udp
NL 172.217.168.194:443 udp
US 3.223.154.227:443 tcp
NL 142.250.179.162:443 udp
NL 142.251.36.2:443 udp
NL 185.94.180.126:443 tcp
SE 213.155.156.169:443 d5p.de17a.com tcp
NL 185.94.180.126:443 tcp
NL 104.123.44.23:443 cs.media.net tcp
US 3.221.233.8:443 tcp
NL 216.58.214.3:443 google.nl tcp
NL 172.217.168.227:443 udp
US 8.8.8.8:53 ip4.seeip.org udp
US 23.128.64.141:443 ip4.seeip.org tcp
US 8.8.8.8:53 ip-api.com udp
US 208.95.112.1:80 ip-api.com tcp
US 74.118.184.142:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 162.159.128.233:443 discord.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
US 35.215.90.198:443 tcp
FR 185.86.139.103:443 ssbsync.smartadserver.com tcp
US 3.221.233.8:443 tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
FR 185.86.137.131:443 rtb-csync.smartadserver.com tcp
NL 142.250.179.130:443 udp
NL 142.251.39.98:443 udp
NL 172.217.168.226:443 udp
US 162.159.128.233:443 discord.com tcp
NL 142.251.36.2:443 udp
NL 142.251.39.98:443 udp
NL 142.251.36.2:443 udp
DE 168.119.79.223:443 tcp
NL 23.72.252.161:443 ads.stickyadstv.com tcp
IE 63.32.210.84:443 tcp
NL 23.72.252.161:443 tcp
NL 142.250.179.170:443 udp
DE 18.156.0.31:443 ups.analytics.yahoo.com tcp
US 35.186.193.173:443 gcm.ctnsnet.com tcp
NL 193.0.160.128:443 tcp
US 174.137.133.49:443 tcp
GB 18.134.84.20:443 tcp
US 174.137.133.49:443 tcp
US 162.159.128.233:443 discord.com tcp
US 162.159.128.233:443 discord.com tcp
US 69.166.1.8:443 tcp
US 172.98.26.246:443 tcp
US 74.118.184.142:443 tcp
US 8.8.4.4:443 dns.google udp
DE 37.252.172.250:443 secure.adnxs.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
NL 142.251.39.98:443 udp
NL 172.217.168.226:443 udp
NL 142.250.179.130:443 udp
NL 142.251.36.2:443 udp
NL 142.251.39.98:443 udp
NL 142.251.36.2:443 udp
US 69.166.1.10:443 tcp
FR 185.86.139.103:443 ssbsync.smartadserver.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
GB 66.155.71.149:443 tcp
NL 65.9.86.46:443 s.ad.smaato.net tcp
NL 216.58.214.3:443 udp
NL 172.217.168.238:443 clients2.google.com udp
NL 142.251.36.35:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
US 74.118.184.142:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
NL 142.251.39.98:443 udp
NL 172.217.168.226:443 udp
NL 142.250.179.130:443 udp
NL 142.251.36.2:443 udp
NL 142.251.39.98:443 udp
NL 142.251.36.2:443 udp
NL 142.250.179.134:443 udp
US 69.166.1.10:443 tcp
DE 51.89.9.254:443 onetag-sys.com tcp
DE 3.121.65.152:443 tcp
DK 37.157.6.241:443 tcp
US 52.21.122.168:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
US 216.239.32.36:443 udp
NL 142.251.36.1:443 udp
NL 142.250.179.130:443 udp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 35.190.90.30:443 odr.mookie1.com tcp
GB 3.11.254.218:443 tcp
US 52.5.82.174:443 tcp
US 18.218.129.96:443 tcp
CA 15.235.43.132:443 gu.dyntrk.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
US 74.118.184.142:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
NL 104.123.44.23:443 c21lg-d.media.net tcp
DE 195.201.152.90:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
NL 159.65.197.210:443 match.adsby.bidtheatre.com tcp
US 3.214.226.3:443 tcp
US 69.166.1.10:443 tcp
NL 216.52.2.48:443 ce.lijit.com tcp
NL 216.52.2.48:443 ap.lijit.com tcp
NL 193.0.160.129:443 tcp
DE 18.156.0.31:443 ups.analytics.yahoo.com tcp
US 199.127.204.171:443 tcp
US 145.40.89.200:443 prebid.a-mo.net tcp
FR 185.86.137.131:443 rtb-csync.smartadserver.com tcp
US 138.197.50.103:443 x.yieldlift.com tcp
US 80.77.87.164:443 tcp
IE 52.208.242.118:443 tcp
FR 185.86.137.131:443 tcp
IE 63.32.210.84:443 tcp
US 52.5.242.57:443 tcp
US 52.5.54.148:443 tcp
US 107.20.141.222:443 tcp
US 3.221.53.246:443 tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 8.8.4.4:443 dns.google udp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 80.77.87.164:443 tcp
NL 142.250.179.170:443 udp
US 38.91.45.7:443 match.deepintent.com tcp
US 199.127.204.171:443 tcp
US 64.202.112.63:443 tcp
US 35.172.99.217:443 tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 35.172.99.217:443 tcp
NL 104.126.124.21:443 stags.bluekai.com tcp
US 3.227.250.201:443 tcp
US 3.227.250.201:443 tcp
US 3.227.250.201:443 tcp
DE 136.243.61.83:443 ad.a-ads.com tcp
DE 136.243.11.250:443 static.a-ads.com tcp
DE 116.202.214.170:443 tcp
DE 116.202.214.170:443 click.a-ads.com tcp
IE 13.69.228.3:443 tcp
US 54.193.7.186:443 tcp
US 13.107.246.67:443 tcp
US 13.107.246.67:443 tcp
US 13.107.246.67:443 tcp
US 13.107.246.67:443 tcp
US 13.107.246.67:443 tcp
US 13.107.246.67:443 tcp
US 35.190.70.79:443 cdn.sanity.io tcp
US 35.190.70.79:443 tcp
US 35.190.70.79:443 tcp
US 35.190.70.79:443 tcp
US 35.190.70.79:443 tcp
US 54.193.7.186:443 tcp
US 13.107.246.67:443 tcp
US 34.96.102.137:443 dev.visualwebsiteoptimizer.com tcp
US 34.96.102.137:443 udp
US 142.250.102.157:443 udp
NL 142.251.36.3:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
DE 195.201.152.90:443 tcp
SE 213.155.156.169:443 d5p.de17a.com tcp
US 69.166.1.10:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
FR 31.14.70.246:443 tcp
US 54.161.122.246:443 tcp
NL 142.251.36.1:443 udp
US 54.146.152.111:443 tcp
US 209.205.201.34:443 ghb.adtelligent.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
GB 185.64.190.80:443 tcp
US 8.253.208.37:443 cdn.vidcrunch.com tcp
US 52.45.229.205:443 tcp
NL 104.123.45.99:443 tcp
FR 2.17.34.84:443 player.vidcrunch.com tcp
US 34.192.54.128:443 tcp
US 69.166.1.10:443 tcp
FR 2.17.34.84:443 player.vidcrunch.com tcp
FR 2.17.34.84:443 player.vidcrunch.com tcp
FR 2.17.34.84:443 player.vidcrunch.com tcp
NL 104.80.224.197:443 tcp
US 23.21.8.79:443 tcp
US 193.122.130.38:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
NL 142.250.179.170:443 imasdk.googleapis.com tcp
NL 142.250.179.170:443 udp
NL 142.250.179.134:443 udp
US 152.199.5.184:443 tcp
US 216.239.32.116:443 udp
NL 23.2.211.147:443 secure-assets.rubiconproject.com tcp
US 67.202.105.22:443 pixel.33across.com tcp
DE 37.252.173.38:443 secure.adnxs.com tcp
NL 178.250.2.146:443 gum.criteo.com tcp
GB 66.155.71.149:443 tcp
US 35.169.70.139:443 tcp
NL 193.0.160.129:443 tcp
US 54.84.160.184:443 tcp
NL 77.245.57.72:443 tcp
FR 141.94.242.204:443 green.erne.co tcp
NL 178.250.2.146:443 gum.criteo.com tcp
NL 46.228.164.11:443 tcp
FR 141.94.171.215:443 pixel-eu.onaudience.com tcp
NL 185.94.180.125:443 tcp
US 38.91.45.7:443 match.deepintent.com tcp
NL 77.245.57.72:443 tcp
NL 46.228.164.11:443 ad.turn.com tcp
US 3.215.101.237:443 tcp
US 198.148.27.140:443 bh.contextweb.com tcp
NL 185.94.180.125:443 tcp
NL 142.250.179.130:443 udp
NL 34.91.62.186:443 tcp
US 69.166.1.10:443 tcp
DE 18.158.247.155:443 tcp
US 74.118.184.142:443 tcp
DE 3.121.65.152:443 tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 52.45.229.205:443 tcp
NL 216.52.2.48:443 ce.lijit.com tcp
US 44.201.217.92:443 ads.avct.cloud tcp
NL 142.251.36.35:443 udp
NL 142.251.36.34:443 pubads.g.doubleclick.net tcp
NL 104.109.249.82:443 sync.teads.tv tcp
IE 52.94.223.167:443 tcp
DE 18.156.0.31:443 ups.analytics.yahoo.com tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 34.197.59.15:443 tcp
NL 104.123.40.23:443 contextual.media.net tcp
US 192.96.200.41:443 tcp
NL 89.207.16.204:443 tcp
US 34.231.236.133:443 tcp
CA 15.235.43.132:443 gu.dyntrk.com tcp
US 150.136.25.38:443 tcp
US 150.136.25.38:443 uat-net.technoratimedia.com tcp
US 150.136.25.38:443 tcp
US 150.136.25.38:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 34.204.28.136:443 tcp
NL 89.207.16.140:443 tcp
NL 185.94.180.125:443 tcp
US 192.96.200.41:443 tcp
US 69.166.1.10:443 tcp
US 141.226.124.48:443 tcp
NL 216.52.2.48:443 ap.lijit.com tcp
US 159.203.145.121:443 tcp
DE 85.114.159.93:443 tcp
FR 178.250.0.163:443 dis.criteo.com tcp
US 64.202.112.63:443 tcp
US 64.202.112.63:443 tcp
US 199.127.204.171:443 tcp
DE 162.19.138.117:443 id5-sync.com tcp
US 74.119.119.150:443 widget.us.criteo.com tcp
FR 185.86.137.133:443 rtb-csync.smartadserver.com tcp
FR 185.86.137.133:443 rtb-csync.smartadserver.com tcp
US 159.203.145.121:443 tcp
US 192.132.33.46:443 tcp
IE 52.31.4.32:443 tcp
US 3.225.197.224:443 tcp
CA 185.80.39.216:443 dsum.casalemedia.com tcp
CA 185.80.39.216:443 dsum-sec.casalemedia.com tcp
US 34.104.35.123:80 edgedl.me.gvt1.com tcp
CA 185.80.39.216:443 tcp
US 3.227.250.201:443 tcp
US 3.227.250.201:443 tcp
US 3.227.250.201:443 tcp
NL 23.72.252.161:443 ads.stickyadstv.com tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 159.203.145.121:443 cs.chocolateplatform.com tcp
US 159.203.145.121:443 tcp
US 8.8.8.8:53 zerossl.crt.sectigo.com udp
GB 91.199.212.52:80 zerossl.crt.sectigo.com tcp
NL 142.251.36.34:443 udp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 8.8.4.4:443 dns.google udp
NL 142.250.179.163:443 udp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
NL 142.250.179.134:443 udp
US 69.166.1.10:443 tcp
NL 216.52.2.48:443 ap.lijit.com tcp
BR 35.199.82.15:443 tcp
BR 35.199.82.15:443 tcp
NL 172.217.168.227:443 udp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
DE 195.201.152.90:443 tcp
US 69.166.1.10:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 35.217.93.191:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
NL 142.251.36.3:443 udp
NL 142.251.36.3:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 108.177.119.94:443 udp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
US 74.118.184.142:443 tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
NL 142.250.179.134:443 udp
US 69.166.1.10:443 tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
NL 142.251.36.1:443 udp
US 159.203.145.121:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
DE 91.228.72.119:8443 eu-google-rtb.quantserve.com tcp
NL 104.80.225.152:443 z.moatads.com tcp
US 192.184.69.239:443 tcp
US 192.184.69.239:443 tcp
NL 65.9.86.107:443 tcp
NL 65.9.86.107:443 content.quantcount.com tcp
NL 142.250.179.134:443 udp
US 18.235.70.192:443 tcp
GB 3.11.123.3:443 tcp
DE 91.228.74.168:443 tcp
NL 142.250.179.170:443 udp
US 69.166.1.10:443 tcp
US 159.203.145.121:443 tcp
NL 142.251.36.6:443 static.doubleclick.net tcp
US 159.203.145.121:443 tcp
US 104.16.12.64:443 c.bannerflow.net tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
NL 104.123.45.151:443 quantcast584928381.s.moatpixel.com tcp
NL 104.123.45.151:443 tcp
NL 104.123.45.151:443 tcp
NL 104.123.45.151:443 tcp
US 104.16.12.64:443 c.bannerflow.net tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
NL 142.250.179.142:443 udp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
DE 37.252.172.250:443 secure.adnxs.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
NL 142.251.39.98:443 udp
NL 142.250.179.130:443 udp
NL 142.251.36.2:443 udp
NL 142.251.39.98:443 udp
US 69.166.1.10:443 tcp
US 159.203.145.121:443 tcp
DE 51.89.9.254:443 onetag-sys.com tcp
DK 37.157.5.142:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
NL 172.217.168.227:443 udp
US 159.203.145.121:443 tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 74.118.184.142:443 tcp
NL 142.250.179.134:443 udp
US 69.166.1.10:443 tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
US 159.203.145.121:443 tcp
NL 142.251.36.1:443 udp
US 159.203.145.121:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
NL 142.251.36.3:443 udp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 108.177.119.94:443 udp
US 216.239.32.116:443 udp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
NL 142.251.36.35:443 udp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 74.118.184.142:443 tcp
US 74.118.184.142:443 tcp
US 193.122.130.38:443 vidcrunch.technoratimedia.com tcp
US 69.166.1.8:443 apex.go.sonobi.com tcp
US 172.98.26.246:443 pbjs.e-planning.net tcp
NL 185.89.210.244:443 tcp
US 69.166.1.10:443 tcp
FR 185.86.137.121:443 ssbsync.smartadserver.com tcp

Files
