hxxps://zonacraft[.]net/optifine-mod/

Analysis

max time kernel
270s
max time network
302s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
13/03/2023, 22:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://zonacraft.net/optifine-mod/

Score

8^/10

discovery persistence

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 9 IoCs

pid	Process
2172	TimeBucksInstaller.exe
6776	TimeBucksInstaller.tmp
3924	TimeBucks.exe
6332	crashpad_handler.exe
6384	MassiveInstaller.exe
6632	MassiveInstaller.tmp
6880	Massive.exe
6964	crashpad_handler.exe
4492	MassiveExtension.exe

Loads dropped DLL 7 IoCs

pid	Process
6776	TimeBucksInstaller.tmp
3924	TimeBucks.exe
3924	TimeBucks.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
4492	MassiveExtension.exe

Adds Run key to start application 2 TTPs 4 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3346939869-2835594282-3775165920-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run	TimeBucksInstaller.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-3346939869-2835594282-3775165920-1000\Software\Microsoft\Windows\CurrentVersion\Run\TimeBucks = "\"C:\\Users\\Admin\\Programs\\TimeBucks\\TimeBucks.exe\" --autorun"	TimeBucksInstaller.tmp
Key created	\REGISTRY\USER\S-1-5-21-3346939869-2835594282-3775165920-1000\Software\Microsoft\Windows\CurrentVersion\Run	TimeBucks.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3346939869-2835594282-3775165920-1000\Software\Microsoft\Windows\CurrentVersion\Run\TimeBucks = "\"C:\\Users\\Admin\\Programs\\TimeBucks\\TimeBucks.exe\" --autorun"	TimeBucks.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Kills process with taskkill 4 IoCs

evasion

pid	Process
6832	taskkill.exe
5304	taskkill.exe
1884	taskkill.exe
3512	taskkill.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133232239915377015"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3346939869-2835594282-3775165920-1000_Classes\Local Settings	chrome.exe

Suspicious behavior: EnumeratesProcesses 25 IoCs

pid	Process
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
6776	TimeBucksInstaller.tmp
6776	TimeBucksInstaller.tmp
2496	chrome.exe
2496	chrome.exe
6632	MassiveInstaller.tmp
6632	MassiveInstaller.tmp
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
6880	Massive.exe
3924	TimeBucks.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe
Token: SeShutdownPrivilege	4300	chrome.exe
Token: SeCreatePagefilePrivilege	4300	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
7072	javaw.exe
6776	TimeBucksInstaller.tmp
6632	MassiveInstaller.tmp
6880	Massive.exe
6880	Massive.exe
3924	TimeBucks.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
4300	chrome.exe
6880	Massive.exe
6880	Massive.exe
3924	TimeBucks.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe
6880	Massive.exe

Suspicious use of SetWindowsHookEx 14 IoCs

pid	Process
7072	javaw.exe
7072	javaw.exe
7072	javaw.exe
7072	javaw.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
3924	TimeBucks.exe
6880	Massive.exe
6880	Massive.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4300 wrote to memory of 4080	4300	chrome.exe	66
PID 4300 wrote to memory of 4080	4300	chrome.exe	66
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 3008	4300	chrome.exe	69
PID 4300 wrote to memory of 352	4300	chrome.exe	68
PID 4300 wrote to memory of 352	4300	chrome.exe	68
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70
PID 4300 wrote to memory of 1020	4300	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://zonacraft.net/optifine-mod/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffcf7759758,0x7ffcf7759768,0x7ffcf7759778
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1864 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1624 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:2
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2132 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:1020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3000 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5100 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5104 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5108 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6464 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6624 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6308 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6156 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5884 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5864 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5588 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5452 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5436 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6956 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5556 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5544 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6820 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6756 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5440 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5524 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7292 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7344 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7140 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7616 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7772 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7916 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=8112 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8340 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8468 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8744 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8904 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=9084 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=10140 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=10452 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=10664 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=10832 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=11388 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=11372 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=11244 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=10836 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=11424 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12112 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12336 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=10688 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=10620 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=11580 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5704 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=10128 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6848
- C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
  "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\Downloads\OptiFine_1.9.2.jar"
  2⤵
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  PID:7072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11072 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7908 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=3100 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=12148 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=11348 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=11668 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=876 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=5648 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=1736 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=11660 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=10384 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10744 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=10328 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=11592 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9576 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=8928 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=9064 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=3024 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9916 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11044 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9064 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=10416 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=9024 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=10024 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=9848 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=9052 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=11012 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:96
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=4916 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10172 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=12228 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=10668 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=10636 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=9028 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11108 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11348 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9980 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6552 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9756 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:3408
- C:\Users\Admin\Downloads\TimeBucksInstaller.exe
  "C:\Users\Admin\Downloads\TimeBucksInstaller.exe"
  2⤵
  - Executes dropped EXE
  PID:2172
- - C:\Users\Admin\AppData\Local\Temp\is-4LRPC.tmp\TimeBucksInstaller.tmp
    "C:\Users\Admin\AppData\Local\Temp\is-4LRPC.tmp\TimeBucksInstaller.tmp" /SL5="$80202,21558888,1092096,C:\Users\Admin\Downloads\TimeBucksInstaller.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of FindShellTrayWindow
    PID:6776
  - - C:\Windows\SYSTEM32\taskkill.exe
      "taskkill.exe" /f /im "TimeBucks.exe"
      4⤵
      Kills process with taskkill
      PID:6832
  - - C:\Windows\SYSTEM32\taskkill.exe
      "taskkill.exe" /f /im "crashpad_handler.exe"
      4⤵
      Kills process with taskkill
      PID:5304
  - - C:\Users\Admin\Programs\TimeBucks\TimeBucks.exe
      "C:\Users\Admin\Programs\TimeBucks\TimeBucks.exe" --installerSessionId=ea0c67371678750467 --downloadDate=2023-03-13T23:34:16 --distId=source_5
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Adds Run key to start application
      Suspicious behavior: GetForegroundWindowSpam
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of SetWindowsHookEx
      PID:3924
    - - C:\Users\Admin\Programs\TimeBucks\crashpad_handler.exe
        
        C:\Users\Admin\Programs\TimeBucks\crashpad_handler.exe --no-rate-limit --database=C:\Users\Admin\AppData\Roaming\TimeBucks\crashdumps --metrics-dir=C:\Users\Admin\AppData\Roaming\TimeBucks\crashdumps --url=https://o428832.ingest.sentry.io:443/api/5420194/minidump/?sentry_client=sentry.native/0.5.0&sentry_key=06798e99d7ee416faaf4e01cd2f1faaf --attachment=C:\Users\Admin\AppData\Roaming\TimeBucks\log.txt --attachment=C:\Users\Admin\AppData\Roaming\TimeBucks\crashdumps\0cae7a2e-42ac-4b63-073e-ce373bf3abdd.run\__sentry-event --attachment=C:\Users\Admin\AppData\Roaming\TimeBucks\crashdumps\0cae7a2e-42ac-4b63-073e-ce373bf3abdd.run\__sentry-breadcrumb1 --attachment=C:\Users\Admin\AppData\Roaming\TimeBucks\crashdumps\0cae7a2e-42ac-4b63-073e-ce373bf3abdd.run\__sentry-breadcrumb2 --initial-client-data=0x2f4,0x2f8,0x2fc,0x2d4,0x300,0x7ff6ea93be60,0x7ff6ea93be78,0x7ff6ea93be90
        5⤵
        Executes dropped EXE
        
        PID:6332
    - - C:\Users\Admin\Programs\TimeBucks\MassiveInstaller.exe
        
        C:\Users\Admin\Programs\TimeBucks\MassiveInstaller.exe /SP- /INSTALLERSHOWNELSEWHERE /VERYSILENT /NOICONS /SUPPRESSMSGBOXES /AllowStatusPage=false /ShowUI=false /DIR="C:\Users\Admin\Programs\Massive"
        5⤵
        Executes dropped EXE
        
        PID:6384
      - C:\Users\Admin\AppData\Local\Temp\is-HRFGI.tmp\MassiveInstaller.tmp
        
        "C:\Users\Admin\AppData\Local\Temp\is-HRFGI.tmp\MassiveInstaller.tmp" /SL5="$2020C,15690165,1083392,C:\Users\Admin\Programs\TimeBucks\MassiveInstaller.exe" /SP- /INSTALLERSHOWNELSEWHERE /VERYSILENT /NOICONS /SUPPRESSMSGBOXES /AllowStatusPage=false /ShowUI=false /DIR="C:\Users\Admin\Programs\Massive"
        6⤵
        Executes dropped EXE
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        
        PID:6632
        
        C:\Windows\SysWOW64\taskkill.exe
        
        "C:\Windows\System32\taskkill.exe" /f /im Massive.exe
        7⤵
        Kills process with taskkill
        
        PID:1884
        
        C:\Windows\SysWOW64\taskkill.exe
        
        "C:\Windows\System32\taskkill.exe" /f /im MassiveUI.exe
        7⤵
        Kills process with taskkill
        
        PID:3512
        
        C:\Users\Admin\Programs\Massive\Massive.exe
        
        "C:\Users\Admin\Programs\Massive\Massive.exe"
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        Suspicious behavior: GetForegroundWindowSpam
        Suspicious use of FindShellTrayWindow
        Suspicious use of SendNotifyMessage
        Suspicious use of SetWindowsHookEx
        
        PID:6880
        
        C:\Users\Admin\Programs\Massive\crashpad_handler.exe
        
        C:\Users\Admin\Programs\Massive\crashpad_handler.exe --no-rate-limit --database=C:\Users\Admin\AppData\Local\Massive\crashdumps --metrics-dir=C:\Users\Admin\AppData\Local\Massive\crashdumps --url=https://o428832.ingest.sentry.io:443/api/5375291/minidump/?sentry_client=sentry.native/0.4.9&sentry_key=5647f16acff64576af0bbfb18033c983 --attachment=C:\Users\Admin\AppData\Local\Massive\crashdumps\eedf0b5b-f375-40d4-0d8e-33bf7319a8d6.run\__sentry-event --attachment=C:\Users\Admin\AppData\Local\Massive\crashdumps\eedf0b5b-f375-40d4-0d8e-33bf7319a8d6.run\__sentry-breadcrumb1 --attachment=C:\Users\Admin\AppData\Local\Massive\crashdumps\eedf0b5b-f375-40d4-0d8e-33bf7319a8d6.run\__sentry-breadcrumb2 --initial-client-data=0x340,0x344,0x348,0x31c,0x2f4,0x7ff6edd98328,0x7ff6edd98348,0x7ff6edd98360
        8⤵
        Executes dropped EXE
        
        PID:6964
        
        C:\Users\Admin\Programs\Massive\MassiveExtension.exe
        
        C:\Users\Admin\Programs\Massive\MassiveExtension.exe --dumps_path "C:\Users\Admin\AppData\Local\Massive\crashdumps" --h_path "C:\Users\Admin\Programs\Massive\crashpad_handler.exe" --src https://[email protected]/5375291 --allow_reporting true --version 0.14.0 --env prod
        8⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10624 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4616 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=1676 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=8752 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=4928 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=10416 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=11080 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=12016 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=8928 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=9844 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=11948 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=3492 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=9424 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11696 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:4904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=11820 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=10908 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=10296 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=11656 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=8876 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=11344 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=10148 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=9008 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=6568 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=9476 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=2992 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:7068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=6724 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=6352 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9560 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:8
  2⤵
  PID:6904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=3104 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=5580 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=3668 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=5696 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:6936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=10648 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=9604 --field-trial-handle=1820,i,18245564476010434120,9254085261868403652,131072 /prefetch:1
  2⤵
  PID:3560

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3528

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2bc
1⤵
PID:5380

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\9cb547fb-f916-43e2-86fc-72618a41b8d8.tmp

Filesize
145KB

MD5
11fe31cd64bb6772e42eebad20b66db6

SHA1
38ce565a4a1791afe9fa8fbbbbbedf93ad28568e

SHA256
753de24e0b702e45f46a6e7b6e8978f2d37a24388196d7a87daf6cbef06160b5

SHA512
23c377358850e504e72f39633d9322b92c23f9c36bc096cda988ea0ee56e9a62d6f6359cd84c885f20f718301e14f69bb93c842bacf3f73fc2983ac7f666b6f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\1405e29c-7842-4875-9896-b907d4bb3f80.tmp

Filesize
7KB

MD5
7ed4b000669abdfa03c96a70fe90e15c

SHA1
e546c57a25f26d2553532503d211cba07cba51b3

SHA256
47c801764ef763c0898f64bd989bcf4c16e663ffcf30e567e26214e3a67444dd

SHA512
1b4dd15a742daa236aba4f103fa6d5a3af9a220c409bcf1bf344a7410eb3f573cb2935c5249751f88ec5d4fca568f74a48407c2f0e54f3b33f0f5b9d2de47cb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
43KB

MD5
f48f27884e129abae72904bde6b2ed49

SHA1
94fddba01d24d14bd08adb80980cb87300c5e0b8

SHA256
3325775f6873aca3c004af1e9bb0cfe3a49c85385e7a5361f7723191921db9ce

SHA512
62403fcb28705cc25d3631bdd9ada228954ad289ba8e970dd27bcbe97253d1826f7a757c5899a633f2170a0dd1deaf122988ee258c4e720fc00c0f4c2d53f9de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
19KB

MD5
ca7fbbfd120e3e329633044190bbf134

SHA1
d17f81e03dd827554ddd207ea081fb46b3415445

SHA256
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

SHA512
ab85f774403008f9f493e5988a66c4f325cbcfcb9205cc3ca23b87d8a99c0e68b9aaa1bf7625b4f191dd557b78ef26bb51fe1c75e95debf236f39d9ed1b4a59f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
36KB

MD5
4795b2016b1c7f383ce5e78c0ad12b08

SHA1
dc9ab9f202b7dfa9b1128267450fcfdd51a7c230

SHA256
b9177a6170a3b5e2c4c6fef9fd7970aef26c12bdefbc249eb36d0f6153cd3674

SHA512
ed35bb0d2589e783036ab72dfb5b0e76cb35c84ed0446db4f59c7381dd081e995f7c2903d78f8c094a1a2a4a2a84d510ac8e446779a1a9d355ad1701732dafcc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
26KB

MD5
700cfa77b75d606f3f38ba307d5c4093

SHA1
b741d6051fb2e5f1a0d8c5b1edd2d5dd2a762852

SHA256
d6103b559b8a9ba902915e702cb7f693051d093724d1ce32cfc64b9a7fad4725

SHA512
b252d05190ef58a1ac26ef7c665f13af6c0a85c668ef9276438bda47c252e583b4871dbfdbaeecb7ad1fb482e62eba312c94da8b2648768fc3d63a767346516e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
42KB

MD5
b68528ba7a58370c1717f0b58fca28ed

SHA1
0c8998257e8f54d95aba0a6003f98e6e7e977cd8

SHA256
29eb32b917af8058e4c0dfa7604c9fc2fdd3382d230e6108d872b51a87d24f58

SHA512
3bd051685dae2151d7cfe7246cd7c80bef0dcf8292f1f9381f211617e18255e3e269bac615fa66db7bf283a017a7b3d9ac32b6d50c9074edb273f58749a08a45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
54KB

MD5
cef1b4ee81975cbd9e92b2e30185afe8

SHA1
1099d95ac02f1f5d36140b60e230c05086f2306f

SHA256
9436866486337a9bfcf14ff01b822a690d3afcd213ddfb15fc081803d695515e

SHA512
66d88ebdf085a9a7420d2655dc2932174c98d0418473fdfae060727033a99c1a6c0ac3bfd59e9bc3acebb47b2385db95c73e8b4e9bab51bcbce4b4e81091f97c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
132KB

MD5
f55294456c7ebe0474df13be0685f081

SHA1
64714945ff33f56a7fc528db0b42f2563c492697

SHA256
b18988c397424ab1add7d987739f9862d41f6beb450d65ef59e58e195937b330

SHA512
8aa35bcecbaaae4437b1821458552e292bf1e879cd3a338910a99f02708194cc5ffd8f33fce3a80d4f3677440d5ce7ec4b118ec3abfd0e94ed9802b97db0c796

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
16KB

MD5
c1e7a912dc8316384c56401b377fe44d

SHA1
be7820d952d5e66d82a10675bcaa39b3159eb6fd

SHA256
43820d35a951b5b684a48fc0abf95afb4a0b6b2d2ed36e199cbb9d6d8555c886

SHA512
2c9f342072a0ccd591c8c3dff603fc0876f24adc71707af877c2cb96bd41becb7712f6bdf2870a7abff9edc4c5de07fb16abe20b08e57682e2852a7d21b7c897

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
16KB

MD5
89a574ff00e6b0ec61d995d059ce6e65

SHA1
aea09e96808ab77165ffa712eaa58b8f056d0bb6

SHA256
e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44

SHA512
30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
22KB

MD5
0ffb2c9b6dd933ae18ab7dc729d58e69

SHA1
bb88b2f3fc47452873348d1cdcb7ea3d4a2bbc10

SHA256
0cd0e55fa43693dfe4b04a225bf7774eb3f66e232828f8d661547728475a12f2

SHA512
f9d42fa65f3efd8d4308460cd9b53959d59038739991245ba0442bbf5686d6482934bc6e227fd1482b5972fa982218278550e0f7a7c665b9e36749538a52d406

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
121KB

MD5
49e47d06eef2ab24ed0a3f772815470f

SHA1
b387c71c7ad22b5f9c3e04a5204a803cb70a8da8

SHA256
dc0c54eeb78fa9aac5fd502b364c309fb230792070689e46392f67e5aafdfb12

SHA512
5a03331e3496cd815c652efdc3f336f6cdcab678dbccc5280a06964e12e5542509479a73c26814d70e58c24d3b199c0cf58e48ec1d825b80cc16ef61fca51ea9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
20KB

MD5
9f114e7460208a79cbd2f0a2c61e66e9

SHA1
f30fd5e1da2a4322723ec19fb2593dce7c76421a

SHA256
51bb580bdce3780d94d26cd374aec375294777dc8e7926294fe8471d955584f9

SHA512
b465f5442ecab31385854c4870f422acd365a1debbefe50f91b9ee63a0d637424db2c6d3557d1a8ba897bf362969832e0576f7288da162000f9292799b634ec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
18KB

MD5
f635c81e1d8dc52d573314ef27577a9c

SHA1
91cff8d0adf8ccec1c05938e65ec6861be74d7d4

SHA256
290116efe04044a217a40a206a3638f906371e0bcdd596632c97c5614a141fad

SHA512
4c5dc2b7bd35dd673392f526dc60eded1d2411c5169f4c26c0c7ac21a6f0880c1f82178a57f4eebed4ca2fbd35e654729d8673ec21e63f692799dd5735b8b765

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
23KB

MD5
097997c778ac1f4b7aa16fd2d8e1d483

SHA1
8d00a3aed69f7247ad72179b1b55819371ebf4a5

SHA256
aaf78291f614336eb4176aaee2e03f7dd3321ae7895218a6e14b75bda9fe98da

SHA512
5e817398609f4de9962701b0d2a3bf911e159b590ef38342ad4cd213a83c168092c9c6cd64d6780168d62b37f5c267080158c69621f016212f1f16f69092985a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
20KB

MD5
7697dcbe00e944d062372818d68e0da0

SHA1
90fac0ebc0c95138c590178f783bf2da024db5b0

SHA256
0f3db51900e98148ea3cc090a5f3144ef3a7c02aa534f0e3c633331d241e7ffa

SHA512
d9a8aa760ef8823967e89748c714dd550ea26144123a491da5c2978b226d5550424701659fa1db5ee7c998bf822aaaa2757516eab2e76d9a4d88e0c24d9b8dc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
63KB

MD5
206c1f7eb4ffd2f99171e0de91bb27c8

SHA1
a7196858122877a4ca682fa265d0f37a29fe9b1c

SHA256
fb59ac9018e31fe6c37bb9c2ede236b23f7ae9e2887693eeb4ff3435e69a080b

SHA512
2373ca725e2edd5792b10400e904759690eb8adfcff0b6bf89ec5153033e432ffcd6cde4e020f86dd9510f791f45b73fe1003a40897c5f8feaac4190a483fc45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
28KB

MD5
20ac2c4462879de5e87bb093a87877fb

SHA1
0f5424e096ba541b4789ed910e7257493be343cd

SHA256
cd064793ed5ae178ceaee41fc363174391f70a5813e33124c8483ecf68c0268b

SHA512
96b6b038fef1df04855e653758478abde56f277f4eae778be5aaaff1eaa6d1fff517119b5dfb021f230b3f2cd468b3fdda6d7a1d53106bcc1bad6f7de964260f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
63KB

MD5
8033fed1f312bbb913b8cf605b68a0b8

SHA1
bd19063c08b669a51b8a3b2c9601cdad9545d911

SHA256
9802c3206b624d67ebc8e6cc7ead579588fae49f9366453d5358c0903dd7589a

SHA512
629fbfce802cc13faceb5b1703142f072c6162137f32e02d514a4270589f6f74b23eb014790229c15dadbf4f7796da1ac8cc04eeea12eac203c3d10848e99984

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

Filesize
37KB

MD5
d90cb261f4a509d886611473296e188e

SHA1
23551f9039c8b855b496f017c8f75b32f6e56671

SHA256
ca6c7cdd1e68e9f251fbf58e0b0ad9e883b38979e264c3cf4125f603b21c8bb4

SHA512
1cca6c9490c8f7adca7441ffea3e7445309d0c52fbaf7252e4c3c73525e00233a8173536c031747a55343bb86e96618d9c96afc6e4f8d25b0106729cca5c8031

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
67KB

MD5
79823d621c83cdf4c111b5f7eb91d927

SHA1
e59328ae39963106a2e7c92ed2642453a7fe8272

SHA256
6c366eee7e7c55f0440eb1eec6d14849611b57163866bfac04a51964d56978b0

SHA512
c40242cbf342b171dd6637ce868b7300526bbb9f176e35601724d9b86b69ac5b38379d0671f61192c7258ba10a39ceb3fea4081e18ce6d5307531e2bd1d21432

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
325KB

MD5
9972cd616964a4b109687d68978e2709

SHA1
76d76f5628ff03da656c1b60c9a2880334d2d4eb

SHA256
94e4e1e55081277500b4ae82d983fc248e5f2769f371c13028cad4d5ecf3bd9d

SHA512
30ed701a4c8ffe803a6ac8d0f6b1b7d9658a532a005dd09b469bbea78dea583d96f7c5b932ccbed6e4607883b7d59b2358408a9390ca55ce49dac7a7a03a6758

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

Filesize
28KB

MD5
9c8e6d7913552303cb09b0dabfae3788

SHA1
6042659bcfded553734f7eade0824d9059cd21a0

SHA256
3eaa0a64173bb0af94802103bc77aa47c395021edae232706cdb008f2db38c1e

SHA512
72a0e757865065cb840a25bf207d267852412bce62545149ea7f98934c45a15d07cf9ebe43e6fa076fc11713b4a4a490ed954ba95863ed9982fbbd2b2674520e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000067

Filesize
61KB

MD5
d715a1fbdc52b9bc57b9baa095752eec

SHA1
dab6c49f966379b2caf73feb5e2cfe6d272e7cf7

SHA256
0ef72909d991ad4c7c54b6c65c58363a444ce301eaeec0c10a9d5ac6829f00c3

SHA512
a74116f0972697c8b9e9f3755aa3971292894451113dbb8cbe217cea998cbd5cb78fcba1622469e3ffb5838a9d10fce55f7b75568ff4c59f1af9c4c4fc98c0e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068

Filesize
51KB

MD5
17c34b6704e677f6397913d0083f7ec9

SHA1
8bcff109248015c91e0d24aa9504f6be2e8aad4c

SHA256
787c465de39564767de8b1fc1c304376d80fe5b5efe2ee49244c2d648d1f65d2

SHA512
2a337c0c6c8ed028c4b06686dca6586734175d2105b148929f935b12555539cff216ca57a6fba7dde04fcb3b84505e2404ade1b1d89d407f728ca9b37aeed7f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000069

Filesize
107KB

MD5
12daede73dbe5160df585b647d8becbf

SHA1
a9e0cfbd153cee8d9a0690871ad9cbaadc3367a0

SHA256
3dbce01674c2185b1a63bac0a9d0bb20fe68ecaf864fe19a76bb4c130c59f1ea

SHA512
109a7e9b427492f379e379f2cfa45fccf61afa879a02d481ad8f6cf374eefba1abce5009f6710a138938a85135d8afbbfd94905bce3ec78551f2ed409d1abb1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

Filesize
607KB

MD5
5740803e82c43fb79a5ab81b161d9964

SHA1
88e9aa05f0b8e16c905b1c54b416f9cffafa52af

SHA256
47adcbbde66cecfee3bc88b5ec25cd1cb45a3b35ef84a6b86a5824783234ddde

SHA512
beb27f100689fbd59edd4f5cbda14fc8b2b2e281336a67872f4b6e8232b747298aace580000bf9f45a8e0b0909ae28c290f7abfb69b521b6235c45bf2663bf41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b

Filesize
35KB

MD5
e61990a1765f288ccedeff877782381d

SHA1
570e65523583a567e681fbb190067a1a6eecb52e

SHA256
eaf48a6a29227118d7b80c4e806602c8c9488f691242fea96af0bc0ab956e3cc

SHA512
cb3a006884408f16361a6816e90f54a7704c129633ef8657885ddfe9869903abdb95b2da640b41a313fbaa9a138811adc2dee1e9ef6c95db897c52641b216627

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5

Filesize
60KB

MD5
1339ec70ef22f9a9bbc60211432c7b8d

SHA1
15965f972a1a3c3a62942d5cf53bf220f325cc01

SHA256
7125067e8ee20da59444918dc7c190803551bb7aa627d49dcc63ae82996aba30

SHA512
faab43ed7e42a3d439827691e8590b92f2d0460c09e9b45a0dd3e7de665f9afbcb9756c07e39a10257122cba890b9583fcca2152debb21027c90a0c105692fb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b6

Filesize
28KB

MD5
97148bebedae50d7264d4d5405be0a3b

SHA1
db63df3856d8695f61b0c171b88d6ebc88620e36

SHA256
0c4b6a78c0561c36ed709f09039426304fcbe06e0f58e4e21209c59c401cba73

SHA512
715ec90a29469200118e4b483a94ea9861b8df8e70c672a0783d8957081d2fb7e995a6e1d91f8bacb978e512cc68ffd99d42e31c2456a7cf3c36ea43b089ae52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b9

Filesize
48KB

MD5
5ecc588841c2c383708a808479ff7a3b

SHA1
4a13cc57fbd546287e1b6c3c3ac52c3e5b8b5713

SHA256
8efd95f2edea27f18aad10e16dd77dab6b927a14809c6874c3f8d9979fc4756a

SHA512
fd637fb2d48797aad08728fba180cd172cc1f6e6f257c62c9e3995ae258c5ef99a5db08f784f2e2ad83146417a8cc2f6f87373791dd890d75d69d77130201b97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d5

Filesize
21KB

MD5
a95d5a22b462232f606aa0bb9487a1d3

SHA1
3f02a063d589fc541f50d0c9cbf29b6d0c90f80d

SHA256
24730444e0555b096749fbede966f84a3f6634275928a623118753daa6c84b8b

SHA512
a72e228b49a1fe1635efc8b425338f0582f6fcf2447f0ce5397ccd91b6fe74a87561eaa807c9d24c1a42c7f3abdedf9ac8f2567928991117709b37481327cf5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
72dea0532747654e230261dcb532c15c

SHA1
07585c033e0786ef6f8ac9aa5eff3b7e7c2f6278

SHA256
30a1353f9e404d47d4446303bf4fc0be85aab915ccee2ffcf2a717f76903816b

SHA512
c12c8e2515a785d7a4fd24dff03dd54ef122e555ecc27eece8d075d064c0b7528a9df123b5257c9fc390b37909a5a24e318b246e77fb08ba50d0c77d093e9385

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
59093fe768a8da5891fe20c17d580a96

SHA1
f4ed33df789872c3ae4a0b56abf7aef9734941b9

SHA256
c87a7d3bca3932dc0f22f145e0d7df55f27ded597309d1d29529ed6d2e777ee2

SHA512
0fafcf2e2ed19cfc8a805a364a8bd83ffca663ffbbd2b07f934b7ccddba67ffe52e8beb2abc4e5820c59b4c4d7d229ea2da7daeb5d3cf8a2fe7d26af1b000e63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
02c52ddf66d97c97b07949578496b66f

SHA1
11d2075ff27b832b267f5ac3b8ce0be9c769c36e

SHA256
8d71f3cb2327ca0d58ca01ebfba1fd4cfa3e03fc55cd30b6c17b422d6f4ae49c

SHA512
12e2ae58eb314603b7db57ca253cab2788d7939def2d0ad4dcd72c5da6da769d517c7688c044f0de09873ce6ba86a5c3f96f66494403a939782db5838e11cae1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.20minutos.es_0.indexeddb.leveldb\000003.log

Filesize
18KB

MD5
867a1b59b42e13f2c7f5f6cc540fabcd

SHA1
91de6d2c5c44a852ec99ac5c3d8cac4614210f34

SHA256
0195a779312f92b74776d3a967613293d06f90d79594371adeedbf1f2aa4470d

SHA512
6fceb50a6fd41373c3d6bf2784f0c2c2903d892b08cf72b3893ffd5561c2bee44e065bd18768cdf6490ff1d72cd7ae57d7495c0f49d04e3daa2b87bd6d09cfcb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.20minutos.es_0.indexeddb.leveldb\LOG.old

Filesize
394B

MD5
f2906a5e6a95d2e483d75a4ebd267484

SHA1
87f3d3adc97714dca7a1fd763906cc574c79567e

SHA256
4a249f42bbb420add882258e8065c0c9c58313142b18f68967cd330fc3eb6dcb

SHA512
b2356f6872b7732ca431be701ddf85108bf0ac01df0b13bd90cd77365e156fe64978a0a3c717af0edd890d4a049786972f1672af8621ccd79a9713f563e9cdd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.20minutos.es_0.indexeddb.leveldb\LOG.old~RFe5ac296.TMP

Filesize
353B

MD5
0ce658d6acda2315b63e58f1f04690d7

SHA1
8d708eda05b5f6d97d7a43619b105a8d685b4cdb

SHA256
c49201fbe541c78e2612b060e65ddbcd5d0730333d393e9a1283b62460985d8e

SHA512
bc2afabdb2e89d2654157bc0ec8631af23ebec6fe8cb9bf33e27051c26158ceecc476d793a17b8bdfe9ce75ef7e8cadc5bb63f24be587b23be0ba20ae663cddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
61KB

MD5
54d49679ff6ffca4a6be2bdd9b8c9d75

SHA1
c0046520abfbb5e99cecd8ecd050b9a67b3c7282

SHA256
7f938b5075b8c71568fc197c5cbc34e60675957f5d8a871159abb5693d7b59e4

SHA512
c0d238d7decc50ada572934f7fed33f3a6c57b295d8eb530f01e04afdb4bfed4602bb5ee2e2110fd94897830ccf8a81923f21cd7a38059e324f5eb7c540a3115

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
392B

MD5
ab4c3b398bd872847db95a643ab47c14

SHA1
decc7271aeafde00626f02b35b90a63b32c2a1a6

SHA256
4a42db16606de267e01daa49a01c47434266a29e59080d8844852829ec5ac77c

SHA512
520ceac464cc74f9cd2bb8cbbb8daff1ea3fb1af4fcb9bc66d88533fe2261102c6fabc13766d8b6687cd0b4571bb5ef976c04d4728bd3801ea80cb492c3359fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe59d289.TMP

Filesize
351B

MD5
d62edd3dc96e3f91c0d969cf2112b8da

SHA1
c00f412b075385d524bcaf7cc3c7ea249fdaffdd

SHA256
acfab1339709f33d3a5d99b86c63d49fc8020bd6c42175b32d94047333f4dea0

SHA512
69355157b28b9619004edf72fedb08d796377d559d5b80a42f6f664cf0e2022816982c117eee9dc7ee5b7f25f69241426de5f7f48d5947184b2d866e984a656d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
99fb7655a3b5f64d406f1e6baa58faad

SHA1
88c2a042d9778a9708d8ea207e7acc5f644ebb4e

SHA256
fd2b32f32958425d5e83084136ef9acb701478e31184deb40585db5c1622769d

SHA512
a3cb285fb11f9f4e3fba892b83536a83ef3f20d1c3f2667447164ff1efae0d5f93a867af3c61d0cafe5ec6caa5c582f032925186b7fa81fc08884c2f0ab7592a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
20KB

MD5
b8cd07b2ba15af8a5a28b494c231c461

SHA1
7cc999817a8723b887adc99d94cbbe3975a9b768

SHA256
57838524c607966ae4f30ba0a5dbde19c37863e5238e7819379a13498b942421

SHA512
95581fa5103703fd4ef45b3204167df06105c8f8d6626773312a0f6f60e1663ce1c893d9b8c979060f594688d5c99872782982e91445d4070be9ba5f5028c1f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
24KB

MD5
5f39c69e8c105776bb19066a15080aed

SHA1
bd4ba2d6f99ffbd3f4987e57ee2a73f70f418691

SHA256
f43de9423feacfade0ee5cf7de26d3402fe3180cb02b6bfdb72af6b832a38a43

SHA512
3963acdc204f54c6f834391e53c82f8a4250891fcc6b4c1bcc515a978b8b70c30f48f440cc33cdc4cae1f4d57de9619f4a9537a947621f7fd3aa218d0d7964da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
27KB

MD5
73ae18dc1ef1c2bbf3453bd1add15098

SHA1
2a05a629cb84a3ec58d4874544a48296067cde8c

SHA256
f285015c276a6849236815c43cdd50bf561b896d75cdd1b092dc89bd0a4c724e

SHA512
a5bf8b981e418a0cc8a1b3bb36ce36028e30d696897c6121fdbfdc305572a082d65825085a2353b61bcbd50cd8de044980559ff2a31b2a548ee05ec241d47e0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0a95261d56203d302dd87f0385416a29

SHA1
a0b3e253f3333a3b64c45680c4325666e67ad3b0

SHA256
49099dd05b91cfad61545c59b308f38e710648963c5e0e046ef1ecaeb1381105

SHA512
56beb306c6bb292ae50dd1ca1f1e2654dd23e05ae195b38d6ff6808d6adc03f121acdbbb072f38026dfc043fc138b337f1ae6c01252d2a13a2bdda3976c24630

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
8e1853c6771de5f3531f5c194058a31b

SHA1
b855cc44b879e3b1c750e2e4218b588a921e26e4

SHA256
437b153f4264a91174e6ed22b38451680889fc06b0a8b39f92c933755f762e19

SHA512
2b1de14a999bc2f4d278ea8cc3a01d8f2ae5232d90f9d7bb1603ffafb0cd2e33ba97a316223ad92de8f03ee6f059dafc0dacf3b8c74f23f97bb7a8e78814af93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
2b0a40c4591a28e90661ef1ac6308656

SHA1
d0ecbf8bd539ed3f180bfcaf365c549ebf1b9dfb

SHA256
e46104a32c2f0e48282fdae31d787a8c66395e2c4fe5ddaeeb78dc516affa315

SHA512
769e068b1cdd6dd80cdbd7ffe41544f7d2cde5171d093f5719d45549ff37bb94e07e1f8a6f6e4ff12b0b8b03235dbda7cc68dbc5230b7e8a52fe182af863efbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
4abadef842e0f22bdcb183d985aad4c1

SHA1
0d9a2c4c8699afb80aa26007d4feedf04c3b20e6

SHA256
4b54465722a239a12a6068f513227896277c12decc3f24591e2654bab92c2c49

SHA512
65cc37ba772c07a240a0f8316ff7c70b68f2870d4e9cd8b6c152d400c744065c6a204a715483e36fc11d3e8fd420b50e4394013fa334df060578bf3e5ad8c500

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
383d3e4a47d4fd0e950a2c2562fc12d8

SHA1
e73890a048f7e26c3cdcdb9902bb68389e2669fb

SHA256
53caad037ff326ce42ba8ab02ec250cf24c97535b56f4287e833b08c4bcd2988

SHA512
23fd71aec82659376b735c0bfef294516b86d5ec94d97c79b49a08de3a73b3b4a29b78e3f80b96095770fd8252edb0880f4c4e16fbdcebf7816ce7cebd1d0cb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
f1923ed79b07488fd6dc42c720efecb6

SHA1
b0dfa79be5c1f741b99316cec3b6e55807e3ce8a

SHA256
29bb3ef962433682b29449a387d764c764ea0f25704e9e2b9339e48ba5c7a3a4

SHA512
192c8cf379cb25e2966a592228f4d617af012e3b349d561d520905df8c81954bb8f499cb3101bf9b75dbf36c34934cf5e996ddef0293fbfda9af86c961640915

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
02c95afa21bdf0f10ff5db485c040e84

SHA1
33fc64a77d490dd9ea259ae1ac50d5e5f89a553d

SHA256
85726eb58eef349907855442e8f8ac304bb856674f895bdfdcd0911a934137eb

SHA512
ecd53e9645f965434c5024834bef5a90bb44275b7009db0feef647a738c21b7a9fa07d2b02d24d5e22446ed2f9084b4846f9a67e308e533dc7280a9e6b4d58e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
69da376da43017fa1d06472955eac456

SHA1
0d2aaf78f0399102509a579396e976946f7660ed

SHA256
df3be9b1f7d55892fa0978776939435fd8e2fa45c7aba3327bd9d631433b06ec

SHA512
d6d563565fc15a7fda5f9bdca5c6ec460eeed335861e6f5c6c5214ffcba9055b31df6d6add4079496251e4575ed429f1d2cfeab986df837ea30e1b99e112407e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
fca431c5f630189fa9864bc497f00375

SHA1
b472404448ee916a415fc63c9f078c20f8d8c9a0

SHA256
9fb311f3a2eb9026eb2f4dce169cad095604b5099863861eaf0093a29cd6be9b

SHA512
8f007b808a7ef379e697244c07906ad096eac532b186855e3972e5b1a8779a016a8700b14dd648fc5e3ab52d4599d0284d4bd7658adf74fa51ef7416a490d7cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d9d175d199aed7f6270a181e45430ebd

SHA1
4aecaf3f8a8741bf335239d0907c26a79cc7a2a2

SHA256
56d0184542bb934804cdb5f6275555b10fb1c9fb6557025b389f4d7f21f5353a

SHA512
b6fe4e371530ec3c518a61c15ba77b260c7b2fb1c37177b325a96215dc49802f87253163f9b4616a56d0d77ead7b1a6c4169c35ff89dfa94d2178d9f73b06182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
1e80f052a40142866eb3b1cf2c286351

SHA1
7fc02120fdd1988932286c8ce4143ddf6d7b115a

SHA256
b340d6b796c0b619ac944f05031194ce193d110f7bc38babdff4e7f37be9de22

SHA512
f782c7b2000ece13ef9d03e1fafed86ded69ca1b0aa40e6d6209ecc9d4e577c4a6088f6d1aa672fd5908606cc7de81b796caadb8bf96547e7be8f34ff2337ddd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
72865200ccd14080e9100b925eb94e83

SHA1
68a2e0cf50f57f44848d4325730b587b2bc2e77a

SHA256
2206e7cf580af965ddbe8c93a20b25b232a2837901d0e5f8b6a8cc951b33ba22

SHA512
273c5b3546977ce1dfc0bbf9a58dfc91e6d5ca228c260188d255d6e8952098832df9d55ecaf0cd04ef12e39ace63f3b03f79dd64e343f8295ab613ad30c54327

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
c5b08cb7986d2f36e76188517fe06d60

SHA1
153d4eec5ba678d9d6b1455035145ac8d157aa7a

SHA256
61562742c2d9958ccf10e8ba27f6c16e4027212d1c9cd764b87b13724c00d323

SHA512
fed3a185d8fa462ed85bf1be76c683856f1c534e2c346895a6dc6e7a4e5734d15c0a72ea5fb0dd979fb950d1925da6b1bbde5cf8c8e5bcb1b3cf2f077d8ccd7d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8f978f017360ef23d1747fce69b9a8d5

SHA1
7767687908690f2d47e76e4cfc32d2e5d92b019c

SHA256
86e114bafadc65efebfee5f9550af7ba44263b963f943685735ab75a2f6235e1

SHA512
7fe6f26de3a369bc12ecddf723b0df870c268d2627aab909537e17660bdfb4962a9b3bbfc72160b3e87237bf31dabde2c372ded7a1395358e7adf99bbcc5fed9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ba5bf09b7ba10c1ee7c1b00983098393

SHA1
af1d84165abb1c5d4416f0dbf17d2429580290ec

SHA256
c72f9416ffbc256d49e01e66d7806cd4b4d803b77b85a60389194e36206dd207

SHA512
1ccd42eb666b3c2704bfd2cf423d95b715dad951cdb4538bd2891393cd28e0a7cefd8db878e01f7413f1e7596eab1cb17f4e2a6f4bf8384c9cd7d3c91441faa7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5937febfddea0f0899f137fe545d2545

SHA1
41c51b8a87235216ae7ce7fb5d9616b264e91327

SHA256
b81cf8d5a2ec6fdbedc8f992657bf1b43ee647f8b0184b1612ec2ae30dcdcc4b

SHA512
f28143acf5097440ca242aa86ac00c2887db3d64175cb3084a95d982eefbefc74c66db6bce3833143af40cb1c1738bab7ce741e204584b39a2188af9e76f7a76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3e671c6b8e9de808eeebc00704e41a59

SHA1
f443958aa198c3e41347b93cbe279921bac80694

SHA256
182f5744ba40197dca12d632b60a0e02d9938ee8799dabbab223d4ab4d131f34

SHA512
11feb4966bf16b73877364a3a22775a1f1b91f930ee0a409316c4b59fffc6986bba39bb0d909553f6183e535d6f31222c870b62a4292ba8992d049a5ecd5097d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
f843affa273c3e549dc829b57ecb6f49

SHA1
0ef1e45f492dd31f2e692de7631573aefd219d4a

SHA256
91194f66f61d3abcdcf272ac42047ae048dfc4649bf207e38be4975500561bdf

SHA512
1461bf6ee056dd418724c69369e64f2de63cba48ae25fc4b24b82d0ecc757796e40e57c02f026b030858900df87a68e97fe39ffd8bfcb4acc3746b6afa39a6b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
1514d01e435ffdf1eda7e7824ccde898

SHA1
05e8d413ce1bc65d02ba54145888fef95e9107b0

SHA256
dfead09074c26ae24c620f8033097497f9b69d809bf778add36838aaf717b935

SHA512
4cf2c63eeb6a04d669884bc1c9e419c855896224b7d21952feb9baa94ccbdb6e94e89ba93e7c0637f0cfdefd09dec6c8ca697204a72f5a108942c0ab82b5539d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c62e7cae9b125fd91904ae376ac5e203

SHA1
d4c43c85a4b47fdc2d0ea15006ea014e80de3946

SHA256
3d16c332bacd857be3b03eec4375f8d867f2c59a2571aca5b64baed950ea8973

SHA512
f4d78b41189526e71e22f5356577d78b5bb45f06a41399583459b35b8567e41c9c2493c905c948b14edceacfe2aa56c2db0f466d7fc8c9184e442d03c85762ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
09d94872945cfa032dce1a6bf97c6f0a

SHA1
09c83a92fee8239246576bfed7011d411b12234e

SHA256
e071f90ca8350be45448e1f25ef7b2354ff25dfd2d4878b5f2b24d8487b7e5a0

SHA512
e1b1e03519860eec35dfd41ea6300976268a9c91a7d1349d78c90490407875a40fb4ca913ca90a62302fe010bd6ceaa9e089917f31e578dc78420f4943339a75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4200832b769ba5b1a59ec7933451e87e

SHA1
79df67ad1c8ed91da2b10d388be5a19d6e54f4e2

SHA256
4931d601525c897a487488cf0d3d8808f5a2e7b6807ad0526e076a8720d12528

SHA512
beff09ddbbdf73bb684947901681bc161067367234e1d609a9569d8e2620133576dc543fb55977b2501f562f8fafbce4fa5d73e7f7b9803be74d06538aff6645

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
92a56ce4802f25eb6699f9d4c6680fb1

SHA1
f9167686abd0fe3d2cb083cdd08de3b2f627fd0e

SHA256
c22a8e70e0c91a649a651a16cda6425b622849f07e6499ab84fed2613bf5be32

SHA512
861a7f1f56f2ea940827345c274c25e56dcf5d4359b988cf4ba94a0f083c7efda5c994a51bd26b3ea1a1dbf213de7193e000807f343a9dc9d253fd14b924d577

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
de03255ae70abf33d36639f95b300b9b

SHA1
f2e403e702f365f661b697743d37f7ea221b5a2c

SHA256
ad976ac20948589ea7b9aa0fb8841162067009fc46af98c3872519f8344aba65

SHA512
a5d93f20b8fe5dc19084a4b4f94ef50a8c12bfc17bde9051cb9e3c48e8c2356bd9d2625d391cc5a3bdc8cd2dbd7b7ad4e28a67511c4e2eb91c16f4777f06111e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
0b0c0796fd73e5664bece2046b47a63d

SHA1
f7308455837c9859f08e44bd4bc5ce2e2c7823b3

SHA256
46bd8abc565700357d1119817303378a04aacf063a383649bb19ab7fa355ba06

SHA512
610b2e2c553f7201635ccda3ebff7cd1ac17ba798822f0a9bbfcc22ba714a886b43508f95cd4a95a860cfe021717e2ad2b9c48ca1438c5b145baf2a74b439582

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c08f07c2-64d4-4dd8-b4ae-8080c7a22cde\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
831dd8b54c0be51c2c2a643290ed1ae1

SHA1
d1a099a1b8ebd1e3a545bfe180d9f95922a5d75f

SHA256
deb5816f1ff571f3b5ddbcf71ffe0c9a2bbbe9b518ce40e153f5692b042b4098

SHA512
65d0d3a0ad165783459e127e988d154469e9578256af19050463762a0fc879d331ffe26a9c94e11cd032b1b11d3339ddd011988620d6679ef7140731f90e1cba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
68271b113ac9fa3dc888873e20b0f926

SHA1
71260bf48c6eb685517b1eb77b6acd9f39a4c766

SHA256
53e972a8180861052cb122aa3301e29a2d79050a57bac864f8d151fda5cd528c

SHA512
b0b55b7662726d4af38cc2fbf40c3ac45773d92edb2c16f028bce6877b37f179d61145dca5dec966d8dc00d416125029b3372aa6c6828b03c5028c06d779d562

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe594a4e.TMP

Filesize
120B

MD5
4d7784bcdec977324f805a3dbbcdab5f

SHA1
fc582a73fbdd32f498f4421321ca9f91626fb90d

SHA256
278f91552526abf911743b04e8e716c39a5ed1adb6f4b49ba111605f997ccc48

SHA512
009d5af0faed6f2c15e3f8a4fb6b5d4ec6079047e194f13a5368ed04bb2139e2314fd84e9c1d78633b052295bb67835549d92fb8b8b427629229a4fcfbcde5cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9bf620e322f26d3ad97c25b5084c7bde178c89e3\fa807813-bfe4-4a41-af51-e7f658f67616\index-dir\the-real-index

Filesize
72B

MD5
f1b4f8d36198d40791edd9ecdca84726

SHA1
f0fce69ca29427c5be90a227f8499dccb8dabade

SHA256
650928a71f1009c2f3e0f01b77979eaf14603f89b7e2c7404291a56d18aa0368

SHA512
30493d25fc7898a955bb75ab6b434daf6101ed6392cc3680d7228764916c916fcfc72234f8c895094b93204981c546b69b4b738165fd030d842554e4d4c1923f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9bf620e322f26d3ad97c25b5084c7bde178c89e3\fa807813-bfe4-4a41-af51-e7f658f67616\index-dir\the-real-index~RFe59cceb.TMP

Filesize
48B

MD5
5f58caa5258358b5837f61372ad3295f

SHA1
b46663ac725a84be74676c215090d5084fc08b99

SHA256
471f413ab2b81a88486f76be0e84a29807b7b809f570ed66133d8a9bf84e460a

SHA512
988007aff6c0e8fdf6afb62d277673227d43fab44f9d8412674f732841e8712b37258f9df34815c295d2e53eeb66e2e380beb923c914e8a2550fc303b82e9cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9bf620e322f26d3ad97c25b5084c7bde178c89e3\index.txt

Filesize
196B

MD5
739355fe1c981268e564e8aba8ec4e1c

SHA1
0ade88500081ceb5d4a86d64e19a4a55a58828ea

SHA256
e3eea94d0926179533bfead3e89bbf90d951922adfe674944b6468962e25c625

SHA512
bc65cea78189b0b083a1f3fd322093aaa161a059ec5291218a6952a7646560bed0b73fd8ab09df37931a8cf0ec01143a291210a41444f13fa42f967d3198083d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9bf620e322f26d3ad97c25b5084c7bde178c89e3\index.txt

Filesize
190B

MD5
6cedad5bd57ab092f188449cbae41233

SHA1
49245ad5791d7f8c796a15f1401e04ba669e43e8

SHA256
f4cbfb8660ed56b106e079ae26f99614269446e77b91b075453655b74e147212

SHA512
2ff0c699c90ced74d777de76c335f0bd3a053e93250cd2ececfb6cc97a200f369cd457c9505740035b3fa2c3045ba5664e67bcca49dc1bed9c884b2c0dbfe2c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\9bf620e322f26d3ad97c25b5084c7bde178c89e3\index.txt~RFe59c3d3.TMP

Filesize
137B

MD5
e7fddc1f14644dbd29e87e4c2a958caf

SHA1
30d3393f56779ce0389cc1b1d6295d7021cde22e

SHA256
8b24051b3208e0496ccbac936b016fc3a5068c12c3acbf565b3c5df4378eb2e4

SHA512
5ee808003355c45d3d23129f84a95e0ad4c9037ac5ad6b07e9f906fd017487bb52eb1a9e565365fc71e88ad641a7f76e36ea29a2d73c2d755f010a6ae45b92c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ddf1591c-7b04-4a11-9d83-1aff909290eb.tmp

Filesize
8KB

MD5
1056b9268d7a2635841a244205101648

SHA1
649c25e35597f47e5c48baa69de75e6b2771fc77

SHA256
74210643abd436499c7e6a1fb22e54e78c31c8fa3a5476d1dbe033be42081087

SHA512
d72825d1dee5179f73b8eafa606495a8d3825e29e0a0c9716295ab18cb1785907ec133bf0fecf59bd4c3e89917f5d6c22203a3490b86983b599b43286a919e1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
6d3b59cec8c3e610cdffba17a9cd4570

SHA1
e58eaeb66ece780f9d99221d6d60d76594d075e7

SHA256
3ddd74b2e44cd9920c785133d6af286380cef11e58219a0c29a3af5ed6e6bc77

SHA512
083ea0913c2b431ce1294a59d00f12909a6af4f9cc41e267f0d12e26a25044d44674efb0e94c01c2d14d34b85b7506a1d96183bc68ad1fc52041d61c07eba25a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
06c999046110f690a4329fb750df2f3d

SHA1
353bad7487bdcc5470d3eec1c5da57d96adc3934

SHA256
64dfc28272277266849f87ea60c570d458d64d64c923c7ce32165f923498ed88

SHA512
32e9612d240df8bb06a13cc61479a5055289857bfbce22e817825cb22381fa681d1da1cd372a694b7222c14c1ed40325fe5e848dc53eaa0731fdfd21139c3fb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
164KB

MD5
6be086f577e8ae18fb7efd517710046a

SHA1
f7dd8700c5217bc5488ce0a8ec410461baba23e8

SHA256
839063751513a88950bd08cbdf0101c9188ea0a66515ace2b2f7fa4865b3e11d

SHA512
4c4f4a464745d958d1a15203450170eebb8348d7828b6a61037de509d47b9644976a80fe9a2ffe1ee35ce0219bb930302bc7c06b0ebb93041bd67d31fc366af3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
154ebd0e8d9f903aeced7922ddeb7871

SHA1
fb30cb9a10089e2bff1d537a3655310e62a7d1c4

SHA256
884da893608271c106b8f766bacb5ac970fe973c21b15234d88c7e74d4b92537

SHA512
faedbf639004c25ad0f8fa0e1c2ecee99326c42e34b3f54b05652231acd476cfde86db2dcee7ff1a83ed87df1f220883724ea0bba19550967648e31142ce59c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
72KB

MD5
153ced003978be6eac210e23132cc141

SHA1
9525ee68bfd3c2e47d33468b14d85385def6379d

SHA256
b600b7ccb5368687eb3fb5445ad1c60a49eb06666cda2cfc39b688d48a8fe64f

SHA512
b92c501ee4c6639fa0bcedaad7413f8bef00fece7973c4459b9938a9542054299c0f2429e792d0255f08a4895ad69473d338de5767e00dd09b9ce1aabcdeca1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
24e30965f0c6694c6b5714dcad19dce3

SHA1
b6f771842f6e6bf5099d78574d30809ba4bdd3dc

SHA256
dddf6921b78c32dd4f9b40ed17811142e2d3ddfcf8cb10231a42146eac9d72c1

SHA512
5572abae8f37c1d035f2a39941ee4bd283a9f6213673cacb551bc5b3e7d49b7b63acef06e760f7a5d55db96bb87b71053e55e331b7fea8855941d14e33a61398

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
20fdd4500e63faca89626415bc7e68e3

SHA1
192915e432a22f118fa06c7e3cfbfd88701cb9f8

SHA256
fd5fcaf6b843aa781e00d4616e7bbbce498a5fc06a274ac1560f03b2ee2d4178

SHA512
926ec4531dcda0f2bb29ce71cdc6c311de5b98721fe8b64b7dc35258b5655bdda77611e3eed73b5c834dbc8ec4cec693b5c3b3024fce86d33c55329ff2db9307

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57c66d.TMP

Filesize
113KB

MD5
047e0a2e887ea15a130745c579306650

SHA1
23338d6084cef706ae60a7aee55d449db26049a5

SHA256
2f42b0e90dd5e56571a3cd994f1cc126a4c35ca750ea67076eb1f4f2071fe1c2

SHA512
693146350b0658789e66df92522897640da7b9362da6e92eef9f46444618e092664bb656a5f5d1af492f9503dee4b31110d96686090d6a941d52ad67e3ff63a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\f1a12d6d-3b26-464e-bf99-b34942b8a8b3.tmp

Filesize
145KB

MD5
58159b215c315240a2737de0bdd2268d

SHA1
159710492764e4e89668525285e64e142d1db9fe

SHA256
a19e32c5bf742db145f9fe5c8bd9cc2011b394688b3aac1e08d6d4cd46de4677

SHA512
fb68a3390736b7ebb65e749f915b3d26be21afcde2dc29314a1ddddcca35e3994e4e274660e3be836d11a4d47dae30a0d474e4c8ebdde0393a4d2eb4b1f978c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Massive\usage\000002.dbtmp

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Massive\usage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\Downloads\OptiFine_1.9.2.jar

Filesize
2.0MB

MD5
ff248f7f2fed53bf1c08336a14ca6a9d

SHA1
c032b2ae0b6087077efef8ae89b612e0d4ea81b7

SHA256
37b367332eefc4c78daa1225b64a6bf659a8aaa9d5ea16b7e29a935234ecfead

SHA512
26d94b755a6a0cea7bb296e0e2a4c084d68ad7be3bcfed13fdab10576aae4fae7970a2a00de2dd4adec76c2e19a2c3fb7b68c31f70feeda58afed23bddc144ba

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 406784.crdownload

Filesize
2.0MB

MD5
ff248f7f2fed53bf1c08336a14ca6a9d

SHA1
c032b2ae0b6087077efef8ae89b612e0d4ea81b7

SHA256
37b367332eefc4c78daa1225b64a6bf659a8aaa9d5ea16b7e29a935234ecfead

SHA512
26d94b755a6a0cea7bb296e0e2a4c084d68ad7be3bcfed13fdab10576aae4fae7970a2a00de2dd4adec76c2e19a2c3fb7b68c31f70feeda58afed23bddc144ba

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 734404.crdownload

Filesize
21.4MB

MD5
ba86e83861a591cd16cadf1af28d141a

SHA1
e43452bc398a8022327f277215bd0f91f3c25664

SHA256
666a8643a96f74ae3f111dc4b83c800ce514b338e87cf8d101b5ed07125f701e

SHA512
b707bb10243bfbc239bf7fe26828942f2b473b020ca01451c61bda341eab035050d141d108684b6513f0672c2a6b9bafa8bcaa8610bf4cf542b04a10da9a24db

Download Submit
C:\Users\Admin\Programs\Massive\RunMassiveStartMenuScript.bat

Filesize
109B

MD5
c11978a8e544aeaf57e477839de0f104

SHA1
08e1172ad998320ce54d9fe3d79e79af4687120a

SHA256
c9b0feca4f8db20d7dd7a3cf0ad77506215ba46d26805ab6d22c07d52e43e056

SHA512
71cd8390abedb9eb4fd6154bf3c28319124e6ef72f139f853b5b9e5b0764306860bb2c5ab22ec68c4172a8661b2becaf79a1fa3dac0f8aaca38195aa8029a2b2

Download Submit
C:\Users\Admin\Programs\TimeBucks\TimeBucks.exe

Filesize
6.4MB

MD5
2f607cf6dcab69d4d9dd2240aa8d48bd

SHA1
1f9b45ed6a145c7f4201f67b54f91db1d964da6f

SHA256
4126145e28163aeb4d36e2cc841c1da34c6b470bddb2c4adee193d5c9584b8db

SHA512
11d47a2c182d92ea990b07a0decdcb633586544549739739c3dd080cb456a36cac61dc1a5ac80b41e9d765e414cb4fe83531bf084f1aebd7114afa5068789dee

Download Submit
memory/2172-1005-0x0000000000400000-0x0000000000518000-memory.dmp

Filesize
1.1MB

Download
memory/2172-900-0x0000000000400000-0x0000000000518000-memory.dmp

Filesize
1.1MB

Download
memory/3924-1892-0x000002479B110000-0x000002479B13F000-memory.dmp

Filesize
188KB

Download
memory/6384-1127-0x0000000000400000-0x0000000000516000-memory.dmp

Filesize
1.1MB

Download
memory/6384-1023-0x0000000000400000-0x0000000000516000-memory.dmp

Filesize
1.1MB

Download
memory/6632-1125-0x0000000000400000-0x0000000000750000-memory.dmp

Filesize
3.3MB

Download
memory/6632-1039-0x00000000009C0000-0x00000000009C1000-memory.dmp

Filesize
4KB

Download
memory/6776-905-0x0000000000D10000-0x0000000000D11000-memory.dmp

Filesize
4KB

Download
memory/6776-1004-0x0000000000400000-0x0000000000753000-memory.dmp

Filesize
3.3MB

Download
memory/6880-1893-0x0000019DF0E80000-0x0000019DF0EAF000-memory.dmp

Filesize
188KB

Download
memory/7072-1046-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/7072-391-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/7072-406-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/7072-414-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/7072-418-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download
memory/7072-450-0x0000000000760000-0x0000000000761000-memory.dmp

Filesize
4KB

Download