Overview

overview

10

Static

static

CJYUAEBL.exe

windows10-2004-x64

10

Resubmissions

05-12-2022 20:48

221205-zlvssshg5t 10

05-12-2022 20:07

221205-ywb8rseh41 10

Analysis

  • max time kernel
    1800s
  • max time network
    1806s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-12-2022 20:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CJYUAEBL.exe

  • Size

    1010KB

  • MD5

    7cb5f631784c4e56f1bbbd2db5e08cf4

  • SHA1

    467bcd4c278b2fae07b3dfb68b29814f0c1ec606

  • SHA256

    ffa9f3d0e3d4d29b10cba30fe3394d538b8c415e9c29cf36a56990e9204ec7bf

  • SHA512

    07ec1ed2124d24c02438fec3cd9ca65897f320fcb324192f5717ff0759c3a6a24e04e88dff84fd4ba37e0370c24d092231c93147fe90e93ce981cda6335d33f2

  • SSDEEP

    24576:owfXt2qCbasU3cyK9pNhMhtrjxLF7ZQ/ronBb5:oEcO+9bh+1lLFaMnBb

Score
10/10
bitratmodiloaderpersistencetrojanupx

Malware Config

Extracted

Family

bitrat

Version

1.38

C2

winery.nsupdate.info:5877

Attributes
  • communication_password

    e5ff7c52fb3501484ea7ca8641803415

  • tor_process

    tor

Signatures

  • BitRAT

    BitRAT is a remote access tool written in C++ and uses leaked source code from other families.

    trojanbitrat
  • ModiLoader, DBatLoader

    ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.

    trojanmodiloader
  • ModiLoader Second Stage 1 IoCs
  • Modifies Installed Components in the registry 2 TTPs 1 IoCs
    persistence
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates connected drives 3 TTPs 1 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of NtSetInformationThreadHideFromDebugger 5 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Checks SCSI registry key(s) 3 TTPs 22 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 8 IoCs
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CJYUAEBL.exe
    "C:\Users\Admin\AppData\Local\Temp\CJYUAEBL.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:4788
    • C:\Windows\SysWOW64\colorcpl.exe
      C:\Windows\System32\colorcpl.exe
      2⤵
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:628
      • C:\Windows\explorer.exe
        "C:\Windows\explorer.exe"
        3⤵
        • Modifies Installed Components in the registry
        • Enumerates connected drives
        • Checks SCSI registry key(s)
        • Modifies Internet Explorer settings
        • Modifies registry class
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:3812
      • C:\Windows\SysWOW64\cmd.exe
        cmd.exe /c start chrome.exe --no-sandbox --allow-no-sandbox-job --enable-webgl-image-chromium --use-gl=desktop --noerrdialogs --log-level=0 --test-type --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598
        3⤵
        • Checks computer location settings
        • Suspicious use of WriteProcessMemory
        PID:2676
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-sandbox --allow-no-sandbox-job --enable-webgl-image-chromium --use-gl=desktop --noerrdialogs --log-level=0 --test-type --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598
          4⤵
          • Enumerates system info in registry
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:3756
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598 /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598 --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff83d9b4f50,0x7ff83d9b4f60,0x7ff83d9b4f70
            5⤵
              PID:1996
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=desktop --log-level=0 --mojo-platform-channel-handle=1624 --allow-no-sandbox-job /prefetch:2
              5⤵
              • Modifies registry class
              • Suspicious behavior: EnumeratesProcesses
              PID:3876
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=network --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1888 --allow-no-sandbox-job /prefetch:8
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:1280
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-level=0 --mojo-platform-channel-handle=1748 --allow-no-sandbox-job /prefetch:2
              5⤵
              • Modifies registry class
              • Suspicious behavior: EnumeratesProcesses
              PID:3420
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1844 --allow-no-sandbox-job /prefetch:8
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:3468
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2804 --allow-no-sandbox-job /prefetch:1
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:4948
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2724 --allow-no-sandbox-job /prefetch:1
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:4572
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 --allow-no-sandbox-job /prefetch:1
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:1224
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3816 --allow-no-sandbox-job /prefetch:8
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:1064
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3932 --allow-no-sandbox-job /prefetch:8
              5⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:2804
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3936 --allow-no-sandbox-job /prefetch:8
              5⤵
                PID:2724
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3976 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3252
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4820 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1116
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4284 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:4844
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4292 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3980
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4280 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3596
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4272 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1388
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4340 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:2724
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4308 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1536
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3992 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:4116
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=736 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3508
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4080 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1964
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:2948
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2476 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3220
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4084 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3712
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2948 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:3536
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=audio --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3960 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:2772
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=video_capture --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3004 --allow-no-sandbox-job /prefetch:8
                5⤵
                • Modifies registry class
                • Suspicious behavior: EnumeratesProcesses
                PID:4720
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4704 --allow-no-sandbox-job /prefetch:1
                5⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:4180
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-sandbox --enable-webgl-image-chromium --log-level=0 --test-type --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 --allow-no-sandbox-job /prefetch:1
                5⤵
                  PID:4772
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=736 --allow-no-sandbox-job /prefetch:8
                  5⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2004
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=732 --allow-no-sandbox-job /prefetch:8
                  5⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4068
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=2308 --allow-no-sandbox-job /prefetch:8
                  5⤵
                    PID:3224
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-level=0 --mojo-platform-channel-handle=4124 --allow-no-sandbox-job /prefetch:2
                    5⤵
                      PID:3712
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1424 --allow-no-sandbox-job /prefetch:8
                      5⤵
                        PID:216
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4448 --allow-no-sandbox-job /prefetch:8
                        5⤵
                          PID:2568
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1424 --allow-no-sandbox-job /prefetch:8
                          5⤵
                            PID:1460
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1424 --allow-no-sandbox-job /prefetch:8
                            5⤵
                              PID:4076
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=3308 --allow-no-sandbox-job /prefetch:8
                              5⤵
                                PID:3596
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1612,10979469765918170877,3253851686315749853,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4628 --allow-no-sandbox-job /prefetch:8
                                5⤵
                                  PID:212
                            • C:\Windows\explorer.exe
                              "C:\Windows\explorer.exe"
                              3⤵
                                PID:5052
                              • C:\Windows\explorer.exe
                                "C:\Windows\explorer.exe"
                                3⤵
                                • Modifies registry class
                                PID:956
                              • C:\Windows\SysWOW64\cmd.exe
                                cmd.exe /c start msedge.exe --no-sandbox --allow-no-sandbox-job --enable-webgl-image-chromium --use-gl=desktop --noerrdialogs --log-level=0 --test-type --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598"
                                3⤵
                                • Checks computer location settings
                                PID:4408
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-sandbox --allow-no-sandbox-job --enable-webgl-image-chromium --use-gl=desktop --noerrdialogs --log-level=0 --test-type --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598"
                                  4⤵
                                  • Enumerates system info in registry
                                  • Modifies registry class
                                  PID:3388
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7ff84ce946f8,0x7ff84ce94708,0x7ff84ce94718
                                    5⤵
                                      PID:1104
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=desktop --log-level=0 --mojo-platform-channel-handle=2180 --allow-no-sandbox-job /prefetch:2
                                      5⤵
                                        PID:4216
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=2264 --allow-no-sandbox-job /prefetch:3
                                        5⤵
                                          PID:1600
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=2608 --allow-no-sandbox-job /prefetch:8
                                          5⤵
                                            PID:2272
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --log-level=0 --mojo-platform-channel-handle=2436 --allow-no-sandbox-job /prefetch:2
                                            5⤵
                                            • Modifies registry class
                                            PID:1236
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-sandbox --log-level=0 --test-type --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3156 --allow-no-sandbox-job /prefetch:1
                                            5⤵
                                              PID:2784
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-sandbox --log-level=0 --test-type --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 --allow-no-sandbox-job /prefetch:1
                                              5⤵
                                                PID:4176
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-sandbox --log-level=0 --test-type --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 --allow-no-sandbox-job /prefetch:1
                                                5⤵
                                                  PID:2120
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=service --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4368 --allow-no-sandbox-job /prefetch:8
                                                  5⤵
                                                    PID:444
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-sandbox --log-level=0 --test-type --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --disable-gpu-compositing --lang=en-US --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 --allow-no-sandbox-job /prefetch:1
                                                    5⤵
                                                      PID:3448
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=service --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4880 --allow-no-sandbox-job /prefetch:8
                                                      5⤵
                                                        PID:3820
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=5220 --allow-no-sandbox-job /prefetch:8
                                                        5⤵
                                                          PID:4032
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
                                                          5⤵
                                                          • Drops file in Program Files directory
                                                          PID:648
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x240,0x244,0x248,0x21c,0x24c,0x7ff65ed85460,0x7ff65ed85470,0x7ff65ed85480
                                                            6⤵
                                                              PID:3528
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=none --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=5220 --allow-no-sandbox-job /prefetch:8
                                                            5⤵
                                                              PID:5000
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --log-level=0 --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=swiftshader-webgl --log-level=0 --mojo-platform-channel-handle=5068 --allow-no-sandbox-job /prefetch:2
                                                              5⤵
                                                                PID:2908
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=5384 --allow-no-sandbox-job /prefetch:8
                                                                5⤵
                                                                  PID:1140
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=5036 --allow-no-sandbox-job /prefetch:8
                                                                  5⤵
                                                                    PID:3096
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=1256 --allow-no-sandbox-job /prefetch:8
                                                                    5⤵
                                                                      PID:2800
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=2952 --allow-no-sandbox-job /prefetch:8
                                                                      5⤵
                                                                        PID:376
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=4560 --allow-no-sandbox-job /prefetch:8
                                                                        5⤵
                                                                          PID:2416
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2124,14261019920256702969,8626464295150375000,131072 --lang=en-US --service-sandbox-type=utility --no-sandbox --log-level=0 --use-gl=desktop --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data935CB1CD91193186266598" --log-level=0 --mojo-platform-channel-handle=5156 --allow-no-sandbox-job /prefetch:8
                                                                          5⤵
                                                                            PID:3476
                                                                  • C:\Windows\System32\rundll32.exe
                                                                    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                    1⤵
                                                                      PID:4860
                                                                    • C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
                                                                      "C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
                                                                      1⤵
                                                                      • Modifies registry class
                                                                      • Suspicious use of SetWindowsHookEx
                                                                      PID:3064
                                                                    • C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
                                                                      "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
                                                                      1⤵
                                                                      • Enumerates system info in registry
                                                                      • Modifies registry class
                                                                      • Suspicious use of SetWindowsHookEx
                                                                      PID:4480

                                                                    Network

                                                                    MITRE ATT&CK Enterprise v6

                                                                    Replay Monitor

                                                                    Loading Replay Monitor...

                                                                    Downloads

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\CrashpadMetrics-active.pma
                                                                      Filesize

                                                                      1024KB

                                                                      MD5

                                                                      03c4f648043a88675a920425d824e1b3

                                                                      SHA1

                                                                      b98ce64ab5f7a187d19deb8f24ca4ab5d9720a6d

                                                                      SHA256

                                                                      f91dbb7c64b4582f529c968c480d2dce1c8727390482f31e4355a27bb3d9b450

                                                                      SHA512

                                                                      2473f21cf8747ec981db18fb42726c767bbcca8dd89fd05ffd2d844206a6e86da672967462ac714e6fb43cc84ac35fffcec7ddc43a9357c1f8ed9d14105e9192

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Crashpad\settings.dat
                                                                      Filesize

                                                                      40B

                                                                      MD5

                                                                      2141e916c95cfa9ad154136321e16bab

                                                                      SHA1

                                                                      e5eca565f7d6e04aacb92e2d334f0dbf39c799b0

                                                                      SHA256

                                                                      dadff5e5eaa502c91cf8cc77b20dbd3b166efcf1f4f39536d98e73121895d275

                                                                      SHA512

                                                                      0b59ccda76d76ab5142273153d4a57bbd8eb112b3d2c46d08448113fb0fb178c5927d5855d33e43dc3376c9196dde6c924bbf021b914363c2d7e2f931b2c07a7

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cache\data_0
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      cf89d16bb9107c631daabf0c0ee58efb

                                                                      SHA1

                                                                      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                      SHA256

                                                                      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                      SHA512

                                                                      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cache\data_1
                                                                      Filesize

                                                                      264KB

                                                                      MD5

                                                                      4f86a7653c2ab82c19577762d0ad797c

                                                                      SHA1

                                                                      cdc19e307fa8580ff0e38556ee1db7670dfb2da2

                                                                      SHA256

                                                                      36b40409b02f4d8f33bb4499681d7ea6c9f1d4c5435a96bc75d3c55b27d77724

                                                                      SHA512

                                                                      4f4433b00b1675b16d1cbeb0efb0b6229ff16bdcf39b22fa47319eeac1c68a8316758dbdfd359adb24e3ca1471f1cd0469628fcf90fd4a9ff89f6ff4fb3ff3cf

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cache\data_2
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      0962291d6d367570bee5454721c17e11

                                                                      SHA1

                                                                      59d10a893ef321a706a9255176761366115bedcb

                                                                      SHA256

                                                                      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                      SHA512

                                                                      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cache\data_3
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      41876349cb12d6db992f1309f22df3f0

                                                                      SHA1

                                                                      5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                      SHA256

                                                                      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                      SHA512

                                                                      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cache\index
                                                                      Filesize

                                                                      512KB

                                                                      MD5

                                                                      d918ab295b2ca9f4b458c44a137b5dd5

                                                                      SHA1

                                                                      e76e892f4dca842fdd4d942d1aef4a5556c01bc1

                                                                      SHA256

                                                                      79a5d72fa7b75ac15334f732c94502e8c9619e1535ab57aa9cb9f927951aee71

                                                                      SHA512

                                                                      4b53988b1bd2165b1cefe988cf92dd2b52a529282d5d1718975ac7c3f317277f4476d2471acc98b03c61b1a829db50b4b6188e0d384fabb9a229824585ad9415

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Code Cache\js\index
                                                                      Filesize

                                                                      24B

                                                                      MD5

                                                                      54cb446f628b2ea4a5bce5769910512e

                                                                      SHA1

                                                                      c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                      SHA256

                                                                      fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                      SHA512

                                                                      8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Code Cache\js\index-dir\the-real-index
                                                                      Filesize

                                                                      48B

                                                                      MD5

                                                                      78f33319014a67498e6ec15dbca73078

                                                                      SHA1

                                                                      6f6eda98b7df1841b21e02616c730581b7405a65

                                                                      SHA256

                                                                      0c3df31bff9b5e69aea274a2cb5889c8128236197f6e96b21f087c9f08a1acc2

                                                                      SHA512

                                                                      afa5e67da1d06443f7cf5cd8cdbdf5cb296fb99e0ae98305b3a2a313818e116ab3a574f137f30e6362d0bbec87f83f2a696e0f34393c7012e027c8a5afc598aa

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Code Cache\wasm\index
                                                                      Filesize

                                                                      24B

                                                                      MD5

                                                                      54cb446f628b2ea4a5bce5769910512e

                                                                      SHA1

                                                                      c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                      SHA256

                                                                      fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                      SHA512

                                                                      8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Code Cache\wasm\index-dir\the-real-index
                                                                      Filesize

                                                                      48B

                                                                      MD5

                                                                      78f33319014a67498e6ec15dbca73078

                                                                      SHA1

                                                                      6f6eda98b7df1841b21e02616c730581b7405a65

                                                                      SHA256

                                                                      0c3df31bff9b5e69aea274a2cb5889c8128236197f6e96b21f087c9f08a1acc2

                                                                      SHA512

                                                                      afa5e67da1d06443f7cf5cd8cdbdf5cb296fb99e0ae98305b3a2a313818e116ab3a574f137f30e6362d0bbec87f83f2a696e0f34393c7012e027c8a5afc598aa

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Cookies
                                                                      Filesize

                                                                      20KB

                                                                      MD5

                                                                      055c8c5c47424f3c2e7a6fc2ee904032

                                                                      SHA1

                                                                      5952781d22cff35d94861fac25d89a39af6d0a87

                                                                      SHA256

                                                                      531b3121bd59938df4933972344d936a67e75d8b1741807a8a51c898d185dd2a

                                                                      SHA512

                                                                      c2772893695f49cb185add62c35284779b20d45adc01184f1912613fa8b2d70c8e785f0d7cfa3bfaf1d2d58e7cdc74f4304fd973a956601927719d6d370dd57a

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Favicons
                                                                      Filesize

                                                                      20KB

                                                                      MD5

                                                                      5688ce73407154729a65e71e4123ab21

                                                                      SHA1

                                                                      9a2bb4125d44f996af3ed51a71ee6f8ecd296bd7

                                                                      SHA256

                                                                      be1b822e970dfe1a120d248db7000eaf799bd6531929a1308676c70fe1608d60

                                                                      SHA512

                                                                      eb6452b23ea36c39d03ead154185616c13583f12f382cb2456beeb1ba6e5febdfd2a6f1064283cf115ad1c517dbf409777cdacb128e00c9d3f401335db355537

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\GPUCache\data_0
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      cf89d16bb9107c631daabf0c0ee58efb

                                                                      SHA1

                                                                      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                      SHA256

                                                                      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                      SHA512

                                                                      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\GPUCache\data_1
                                                                      Filesize

                                                                      264KB

                                                                      MD5

                                                                      f50f89a0a91564d0b8a211f8921aa7de

                                                                      SHA1

                                                                      112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                      SHA256

                                                                      b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                      SHA512

                                                                      bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\GPUCache\data_2
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      0962291d6d367570bee5454721c17e11

                                                                      SHA1

                                                                      59d10a893ef321a706a9255176761366115bedcb

                                                                      SHA256

                                                                      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                      SHA512

                                                                      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\GPUCache\data_3
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      41876349cb12d6db992f1309f22df3f0

                                                                      SHA1

                                                                      5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                      SHA256

                                                                      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                      SHA512

                                                                      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\GPUCache\index
                                                                      Filesize

                                                                      256KB

                                                                      MD5

                                                                      539ddd755fefaacff3b8c36bc148dd39

                                                                      SHA1

                                                                      d1571801bbe736b920de4079a43461ee4dc4fd99

                                                                      SHA256

                                                                      ae0a0a2b288b5c346cbf770846b33848322d14c7032048ec4649541d5e4d5e5f

                                                                      SHA512

                                                                      5a3df92d2f1b255422753fd362f27d9dbd7ab95c879fb63ce2568217b6abf8df9315fd370cc204da21eb2384cb4515a9deedfc7452628ca1ac2bd80b03398b6c

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\History
                                                                      Filesize

                                                                      116KB

                                                                      MD5

                                                                      4e2922249bf476fb3067795f2fa5e794

                                                                      SHA1

                                                                      d2db6b2759d9e650ae031eb62247d457ccaa57d2

                                                                      SHA256

                                                                      c2c17166e7468877d1e80822f8a5f35a7700ac0b68f3b369a1f4154ae4f811e1

                                                                      SHA512

                                                                      8e5e12daf11f9f6e73fb30f563c8f2a64bbc7bb9deffe4969e23081ec1c4073cdf6c74e8dbcc65a271142083ad8312ec7d59505c90e718a5228d369f4240e1da

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Local Storage\leveldb\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      46295cac801e5d4857d09837238a6394

                                                                      SHA1

                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                      SHA256

                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                      SHA512

                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Local Storage\leveldb\LOG
                                                                      Filesize

                                                                      145B

                                                                      MD5

                                                                      4a64625c341ea60012752fdb2dfe353c

                                                                      SHA1

                                                                      52fdea8fcca2c80be41798b3d7086c7c95204f34

                                                                      SHA256

                                                                      997c5a2b614bcf3c2f6ce5b19e05341394d0838c466b6fc5e2506c1067fecb15

                                                                      SHA512

                                                                      b3a9f1498e6be2cb5892878659096f7ea074768f131c263f4b0a0f41ecf4088fe8e88dfd1ff1f89c78ee7cf8efd254bd58833a2f4831129a6726262e24babf80

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Local Storage\leveldb\MANIFEST-000001
                                                                      Filesize

                                                                      41B

                                                                      MD5

                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                      SHA1

                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                      SHA256

                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                      SHA512

                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Login Data
                                                                      Filesize

                                                                      40KB

                                                                      MD5

                                                                      b608d407fc15adea97c26936bc6f03f6

                                                                      SHA1

                                                                      953e7420801c76393902c0d6bb56148947e41571

                                                                      SHA256

                                                                      b281ce54125d4250a80f48fcc02a8eea53f2c35c3b726e2512c3d493da0013bf

                                                                      SHA512

                                                                      cc96ddf4bf90d6aaa9d86803cb2aa30cd8e9b295aee1bd5544b88aeab63dc60bb1d4641e846c9771bab51aabbfbcd984c6d3ee83b96f5b65d09c0841d464b9e4

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Media History
                                                                      Filesize

                                                                      140KB

                                                                      MD5

                                                                      1ddfe694c682299567c25daee0cf2a04

                                                                      SHA1

                                                                      d32bb6199d95989525ce204a859780cca708142c

                                                                      SHA256

                                                                      2237a10a071315f272ac9eb9338ce9a83350739537a5cbf0f82bd5ac65e45968

                                                                      SHA512

                                                                      a1a09f7e4c919a758c38c8a789feac95dd17f07fc955ca83bd0e4af6ca053f5e205d6f55bcce380f83cbc5bd26e75457ce120fc287c13bd8b73b68e1610d11a6

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Network Persistent State
                                                                      Filesize

                                                                      797B

                                                                      MD5

                                                                      50ef3e8a758b719b9d0b39a037c23237

                                                                      SHA1

                                                                      15e5ccc91fe32c0a5d3c6c07007cc31a94694e6f

                                                                      SHA256

                                                                      b8f70c6220a2f97c89fed5bc454b61293c37bb4227184e698456a6968dbdee6e

                                                                      SHA512

                                                                      8591d99c727980dd56308e251f629b0f93c0d35219ffd5920926e122ffa9a384869691d6a2d513c0f251c6185be45c6c2d15910cf2e6915ff9cabdcc60ff6c4c

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Platform Notifications\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      46295cac801e5d4857d09837238a6394

                                                                      SHA1

                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                      SHA256

                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                      SHA512

                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Platform Notifications\LOG
                                                                      Filesize

                                                                      145B

                                                                      MD5

                                                                      deb918e21740452822db0630274b29bb

                                                                      SHA1

                                                                      80f50a5b4d21240d764f1d4841f64848bf7916b5

                                                                      SHA256

                                                                      6c0d8d64faf9d60b4f2cbbd403dcb5270964d42a1e0317943c7e7c1474403a0d

                                                                      SHA512

                                                                      5369945479d1db60459651e289cef73eddbd67ca6253f071a3f60d0f4889bba01ef811a18c52e2a5ccf8029391ed91738facb293f650df5047d9d53ebb75e461

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Platform Notifications\MANIFEST-000001
                                                                      Filesize

                                                                      41B

                                                                      MD5

                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                      SHA1

                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                      SHA256

                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                      SHA512

                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Preferences
                                                                      Filesize

                                                                      6KB

                                                                      MD5

                                                                      2a874b66cc222a3acf7a5bc1feeebff0

                                                                      SHA1

                                                                      8763a86147b50c11f90e092de8fdfb37ec8d4ecb

                                                                      SHA256

                                                                      960cb3d68c4208aced7c06d4697c5fdc08890cb591e6814112810f6c42c9837c

                                                                      SHA512

                                                                      f32b01536d66f917251a69382f6fcf76bd8cef7b252e5c9e5166ec44a5435a4dcf4d661245630f950de976bd65c0cb83db9c3da338bba09f7823a1c37d4a77b4

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Secure Preferences
                                                                      Filesize

                                                                      15KB

                                                                      MD5

                                                                      a6c5198a7b153b28cb695bacf2578a88

                                                                      SHA1

                                                                      65e6194cb58db6d489e864deae4caee91a0277de

                                                                      SHA256

                                                                      3af81add618d25ef442eb4c17d749c5523aa82af8f950c91b6063f925c0e7d35

                                                                      SHA512

                                                                      c6222ee1c231cfdcb13e5eb819c4000c70088ea86f61b891e96deb067ae1a16e95d5ad3c4a944cd1aea852702fb46777d9ec42d1ac2fc89f531d0f2437a76d90

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Session Storage\000003.log
                                                                      Filesize

                                                                      156B

                                                                      MD5

                                                                      fa1af62bdaf3c63591454d2631d5dd6d

                                                                      SHA1

                                                                      14fc1fc51a9b7ccab8f04c45d84442ed02eb9466

                                                                      SHA256

                                                                      00dd3c8077c2cca17ea9b94804490326ae6f43e6070d06b1516dfd5c4736d94d

                                                                      SHA512

                                                                      2c3184f563b9a9bff088114f0547f204ee1e0b864115366c86506215f42d7dbf161bc2534ccaee783e62cc01105edffc5f5dabf229da5ebd839c96af1d45de77

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Session Storage\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      46295cac801e5d4857d09837238a6394

                                                                      SHA1

                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                      SHA256

                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                      SHA512

                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Session Storage\LOG
                                                                      Filesize

                                                                      138B

                                                                      MD5

                                                                      1a7e6014dd36a5d7c38692c6769e0a46

                                                                      SHA1

                                                                      328422d36dd3005b1a9ca21fa32742ae2673c83d

                                                                      SHA256

                                                                      afda1be043a7ccd6b33afd9a1a3a4d26d7cd26877f8ec584f2ff96cbb2171688

                                                                      SHA512

                                                                      05085c6070d9a428c4a4fb952109039c40aac2e9a68e8ea61464c839689cccad4cdf6e44a5ec5bb2c878769080e8dc9c72bc576482e132e265f7e79cc8ebb8f5

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Session Storage\MANIFEST-000001
                                                                      Filesize

                                                                      41B

                                                                      MD5

                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                      SHA1

                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                      SHA256

                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                      SHA512

                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Sessions\Tabs_13306505039831878
                                                                      Filesize

                                                                      669B

                                                                      MD5

                                                                      d747712817108203e23164ff337e2e0f

                                                                      SHA1

                                                                      34875fee254568ca1cff1e3069442155cbba9a72

                                                                      SHA256

                                                                      5aae965ca35d73561feb2ebc9fdfc4908458d466b96ab60961f07b825adabb3b

                                                                      SHA512

                                                                      9976bc37cb868352eddb601433f22a7a7078dac27115242dd0d71710db7955440d3b8d69d1a073df1b482fb6c60867d84df6127285921dbbff138f0154360165

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Site Characteristics Database\000003.log
                                                                      Filesize

                                                                      40B

                                                                      MD5

                                                                      148079685e25097536785f4536af014b

                                                                      SHA1

                                                                      c5ff5b1b69487a9dd4d244d11bbafa91708c1a41

                                                                      SHA256

                                                                      f096bc366a931fba656bdcd77b24af15a5f29fc53281a727c79f82c608ecfab8

                                                                      SHA512

                                                                      c2556034ea51abfbc172eb62ff11f5ac45c317f84f39d4b9e3ddbd0190da6ef7fa03fe63631b97ab806430442974a07f8e81b5f7dc52d9f2fcdc669adca8d91f

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Site Characteristics Database\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      46295cac801e5d4857d09837238a6394

                                                                      SHA1

                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                      SHA256

                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                      SHA512

                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Site Characteristics Database\LOG
                                                                      Filesize

                                                                      152B

                                                                      MD5

                                                                      a1f6b88a57905e6ca36247010ed71e51

                                                                      SHA1

                                                                      4415190e3f74911b922cc81cb70e08380629feb7

                                                                      SHA256

                                                                      685ac81da1489feaf61bac60c5ae74c39849cb8900ec00f3f49c450704bb9152

                                                                      SHA512

                                                                      47d146e9d78ce7de5376b60bc1efe9dc4bfe77e17901ac4c123fe5a6f22f5dfcf4ea1ae9d75200ad927a9d510b238acc6bcea7c958df6823cd7511ff7bd7b0d8

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Site Characteristics Database\MANIFEST-000001
                                                                      Filesize

                                                                      41B

                                                                      MD5

                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                      SHA1

                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                      SHA256

                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                      SHA512

                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Sync Data\LevelDB\000003.log
                                                                      Filesize

                                                                      122B

                                                                      MD5

                                                                      0d9f70652007603a81c7847dc3cee8da

                                                                      SHA1

                                                                      4a7c8341cfd657f31314690bfd9bd8f51030c5b5

                                                                      SHA256

                                                                      a705d9d26ed11df2f38e6c25557ccb83916b8598fe92d2ad25868f9ae89844f7

                                                                      SHA512

                                                                      27e34f4b5077a9bb58f30d2447c43d2ae877495bda975b33f405d5d08d03a009bf67bd24abcf70838934f17f1ec66ed1b98429ad96997cae68d0f1e0bf9ea4cc

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Sync Data\LevelDB\CURRENT
                                                                      Filesize

                                                                      16B

                                                                      MD5

                                                                      46295cac801e5d4857d09837238a6394

                                                                      SHA1

                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                      SHA256

                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                      SHA512

                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Sync Data\LevelDB\LOG
                                                                      Filesize

                                                                      141B

                                                                      MD5

                                                                      84d992e053a4bb49eb225226b894b5bc

                                                                      SHA1

                                                                      db7d4a4ee5fee7c02e8a4590ce561de3ccd38c2a

                                                                      SHA256

                                                                      a76fb966940965c2117462aaf662a7f430ba0b9568ef43fd68ead1ae68c6eb19

                                                                      SHA512

                                                                      3ca3a296c281e24a4fb36c98e835b3e794f71a0cd7f98e8b30825a5a1506b09ef9fd13a7fec03db1574112227c1dddd219f2cd0993211eed116de11c59f99b4b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Sync Data\LevelDB\MANIFEST-000001
                                                                      Filesize

                                                                      41B

                                                                      MD5

                                                                      5af87dfd673ba2115e2fcf5cfdb727ab

                                                                      SHA1

                                                                      d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                      SHA256

                                                                      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                      SHA512

                                                                      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Top Sites
                                                                      Filesize

                                                                      20KB

                                                                      MD5

                                                                      9048adc11b40da3679e854f2aaee2813

                                                                      SHA1

                                                                      3a5f63f46b6f38dc15e852bc9ec85d17b3bf09d3

                                                                      SHA256

                                                                      55f6ab81fe7167e23124f16688da2f74223d2c7b6e3312316f243f129519bc2a

                                                                      SHA512

                                                                      421477d5561ba0e55597469b01785c46ed1a3ad36f592db527290705129539c6355fc0477c219c899c253fb95b1213b1e05fef57d4d0e0b74c48a9f2cc0d3e1e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\TransportSecurity
                                                                      Filesize

                                                                      203B

                                                                      MD5

                                                                      4dc6af6aad8b6f67a64e74c7e13dc116

                                                                      SHA1

                                                                      6e8dee626456904d8508d1cdb29c022f56ee569b

                                                                      SHA256

                                                                      15e554f055b6e9c489fbbb53a944f4f73962345c9d3d1dd0583789039bf465b4

                                                                      SHA512

                                                                      28f4da2147dd9974fb8e6ffa87424c366bbbc34f29e65c72a13e36949f9951767c0e692f6f8fee798dc7050708df229ccb68f98660c4b5bc6e2b1e2082a18f22

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Visited Links
                                                                      Filesize

                                                                      128KB

                                                                      MD5

                                                                      a6bac5e1b4e036928ec5b0fb167b92fa

                                                                      SHA1

                                                                      292984bec29c122279fe43f3accfa4bc7073036b

                                                                      SHA256

                                                                      35772423f16c371b86a0534f24d1fa084341ea384b75b4da4d3b5b2bf174a8e3

                                                                      SHA512

                                                                      50a26d167b6a8c25b3e191a1a13bbf9762137f36720d78a5dc727aa6b93da8d9f7946a954f11d08b9afcf5acfb89e5bc6c749e563f8b1b68a1b60f9973196a0b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Default\Web Data
                                                                      Filesize

                                                                      88KB

                                                                      MD5

                                                                      8ee018331e95a610680a789192a9d362

                                                                      SHA1

                                                                      e1fba0ac3f3d8689acf6c2ee26afdfd0c8e02df9

                                                                      SHA256

                                                                      94354ea6703c5ef5fa052aeb1d29715587d80300858ebc063a61c02b7e6e9575

                                                                      SHA512

                                                                      4b89b5adc77641e497eda7db62a48fee7b4b8dda83bff637cac850645d31deb93aafee5afeb41390e07fd16505a63f418b6cb153a1d35777c483e2d6d3f783b4

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\GrShaderCache\GPUCache\data_0
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      cf89d16bb9107c631daabf0c0ee58efb

                                                                      SHA1

                                                                      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                      SHA256

                                                                      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                      SHA512

                                                                      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\GrShaderCache\GPUCache\data_1
                                                                      Filesize

                                                                      264KB

                                                                      MD5

                                                                      f50f89a0a91564d0b8a211f8921aa7de

                                                                      SHA1

                                                                      112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                      SHA256

                                                                      b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                      SHA512

                                                                      bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\GrShaderCache\GPUCache\data_2
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      0962291d6d367570bee5454721c17e11

                                                                      SHA1

                                                                      59d10a893ef321a706a9255176761366115bedcb

                                                                      SHA256

                                                                      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                      SHA512

                                                                      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\GrShaderCache\GPUCache\data_3
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      41876349cb12d6db992f1309f22df3f0

                                                                      SHA1

                                                                      5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                      SHA256

                                                                      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                      SHA512

                                                                      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\GrShaderCache\GPUCache\index
                                                                      Filesize

                                                                      256KB

                                                                      MD5

                                                                      a71b0446a0347dc5c023b499b6006001

                                                                      SHA1

                                                                      364e2d3bd198e88529219470b6f1e93037fa1957

                                                                      SHA256

                                                                      6eb7808467755c2a510eb7c0fd3b06b9a89e6c416a694f111a98ac14c1304b27

                                                                      SHA512

                                                                      c57469d32c6db3887fd891208257456d411ffe6dabb27aa9a63c2f6470606c20ccfccefb1ef3db0e6bc61dda184789427460af926010d2251b90e3f03f90590b

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Last Version
                                                                      Filesize

                                                                      13B

                                                                      MD5

                                                                      b63048c4e7e52c52053d25da30d9c5ab

                                                                      SHA1

                                                                      679a44d402f5ec24605719e06459f5a707989187

                                                                      SHA256

                                                                      389caa40ea458e84bc624a9af1e0dec60fa652b2db2b81c09b1dfe22822cc3d1

                                                                      SHA512

                                                                      e86c58c5a25e24f21ad79ed526a90c120a09c115f4820663bd2ebbc59e7bb1c4c418267eb77645522aa20b2c1b53fba8e31690db7bae9b21e4eff3db06316359

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\Local State
                                                                      Filesize

                                                                      90KB

                                                                      MD5

                                                                      9f3922257d31b56ddb3260485c5f49a3

                                                                      SHA1

                                                                      5cf822cd0ff48b4ecc8899050529b1babc810f77

                                                                      SHA256

                                                                      597f38a58894c5bb6351117ab025033272b6e35fac3e0be949d0321ad232868c

                                                                      SHA512

                                                                      1aaa66c44c954ed6303959c55d742db1f5359e77a8ca987da01407bd07cea89949540353380da1b8e105840e3f676e0d2d8c7f4d55e1c6fa74f351b59e0f7a69

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\ShaderCache\GPUCache\data_0
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      cf89d16bb9107c631daabf0c0ee58efb

                                                                      SHA1

                                                                      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

                                                                      SHA256

                                                                      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

                                                                      SHA512

                                                                      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\ShaderCache\GPUCache\data_1
                                                                      Filesize

                                                                      264KB

                                                                      MD5

                                                                      f50f89a0a91564d0b8a211f8921aa7de

                                                                      SHA1

                                                                      112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                      SHA256

                                                                      b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                      SHA512

                                                                      bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\ShaderCache\GPUCache\data_2
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      0962291d6d367570bee5454721c17e11

                                                                      SHA1

                                                                      59d10a893ef321a706a9255176761366115bedcb

                                                                      SHA256

                                                                      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

                                                                      SHA512

                                                                      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\ShaderCache\GPUCache\data_3
                                                                      Filesize

                                                                      8KB

                                                                      MD5

                                                                      41876349cb12d6db992f1309f22df3f0

                                                                      SHA1

                                                                      5cf26b3420fc0302cd0a71e8d029739b8765be27

                                                                      SHA256

                                                                      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

                                                                      SHA512

                                                                      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

                                                                      Download Submit

                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\935CB1CD91193186266598\ShaderCache\GPUCache\index
                                                                      Filesize

                                                                      256KB

                                                                      MD5

                                                                      17d4c5c91ca2a31839fcf972ed936199

                                                                      SHA1

                                                                      b318419fdd22512883580476c365d4b8aed5b8a3

                                                                      SHA256

                                                                      65bd1d6e9c8c9052bbf9cfbf3ec5f3da953506d0fe656a72c3abc812ad126139

                                                                      SHA512

                                                                      02e564fed462b5dd5fef62bf6c142525c61cd85063509d2ec1217717e21a70114f8ee5f9af48a5741f7f17682d46e5bf73ab1d938e9869b721fdb497a6c1dcf1

                                                                      Download Submit

                                                                    • \??\pipe\crashpad_3756_DDMPRXLTLUVYHUUY
                                                                      MD5

                                                                      d41d8cd98f00b204e9800998ecf8427e

                                                                      SHA1

                                                                      da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                      SHA256

                                                                      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                      SHA512

                                                                      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                      Download Submit

                                                                    • memory/376-252-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/444-242-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/628-141-0x0000000010410000-0x00000000107F4000-memory.dmp

                                                                      Filesize

                                                                      3.9MB

                                                                      Download

                                                                    • memory/628-134-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/628-138-0x0000000010410000-0x00000000107F4000-memory.dmp

                                                                      Filesize

                                                                      3.9MB

                                                                      Download

                                                                    • memory/628-139-0x0000000010410000-0x00000000107F4000-memory.dmp

                                                                      Filesize

                                                                      3.9MB

                                                                      Download

                                                                    • memory/628-140-0x0000000074E50000-0x0000000074E89000-memory.dmp

                                                                      Filesize

                                                                      228KB

                                                                      Download

                                                                    • memory/648-245-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/956-231-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/1104-234-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/1140-249-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/1236-238-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/1600-236-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2120-241-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2272-237-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2416-253-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2676-158-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2784-239-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2800-251-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/2908-248-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3096-250-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3388-233-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3448-243-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3476-254-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3528-246-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3812-142-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/3820-244-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/4176-240-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/4216-235-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/4408-232-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/4480-157-0x00000261A2260000-0x00000261A2280000-memory.dmp

                                                                      Filesize

                                                                      128KB

                                                                      Download

                                                                    • memory/4480-220-0x00000261A314E000-0x00000261A3152000-memory.dmp

                                                                      Filesize

                                                                      16KB

                                                                      Download

                                                                    • memory/4480-225-0x00000261A3157000-0x00000261A315A000-memory.dmp

                                                                      Filesize

                                                                      12KB

                                                                      Download

                                                                    • memory/4480-226-0x00000261A3157000-0x00000261A315A000-memory.dmp

                                                                      Filesize

                                                                      12KB

                                                                      Download

                                                                    • memory/4480-228-0x00000261A3157000-0x00000261A315A000-memory.dmp

                                                                      Filesize

                                                                      12KB

                                                                      Download

                                                                    • memory/4480-227-0x00000261A3157000-0x00000261A315A000-memory.dmp

                                                                      Filesize

                                                                      12KB

                                                                      Download

                                                                    • memory/4480-223-0x00000261A314E000-0x00000261A3152000-memory.dmp

                                                                      Filesize

                                                                      16KB

                                                                      Download

                                                                    • memory/4480-222-0x00000261A314E000-0x00000261A3152000-memory.dmp

                                                                      Filesize

                                                                      16KB

                                                                      Download

                                                                    • memory/4480-221-0x00000261A314E000-0x00000261A3152000-memory.dmp

                                                                      Filesize

                                                                      16KB

                                                                      Download

                                                                    • memory/4480-154-0x00000261A2F60000-0x00000261A2F80000-memory.dmp

                                                                      Filesize

                                                                      128KB

                                                                      Download

                                                                    • memory/4480-151-0x00000261A2220000-0x00000261A2240000-memory.dmp

                                                                      Filesize

                                                                      128KB

                                                                      Download

                                                                    • memory/4480-219-0x00000261A314E000-0x00000261A3152000-memory.dmp

                                                                      Filesize

                                                                      16KB

                                                                      Download

                                                                    • memory/4480-150-0x00000261A2280000-0x00000261A22A0000-memory.dmp

                                                                      Filesize

                                                                      128KB

                                                                      Download

                                                                    • memory/4788-136-0x0000000010410000-0x00000000107F4000-memory.dmp

                                                                      Filesize

                                                                      3.9MB

                                                                      Download

                                                                    • memory/4788-135-0x0000000010410000-0x00000000107F4000-memory.dmp

                                                                      Filesize

                                                                      3.9MB

                                                                      Download

                                                                    • memory/4788-132-0x00000000021C0000-0x00000000021EB000-memory.dmp

                                                                      Filesize

                                                                      172KB

                                                                      Download

                                                                    • memory/5000-247-0x0000000000000000-mapping.dmp

                                                                      Download

                                                                    • memory/5052-230-0x0000000000000000-mapping.dmp

                                                                      Download