cb48130af903a9dcdb55d2a286f7ffbb442809f43c51ebc52c587daf4a062890

Resubmissions

15/03/2023, 13:25

230315-qn3rrafd4y 3

Analysis

max time kernel
1799s
max time network
1801s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
15/03/2023, 13:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

download.png
Size

238B
MD5

19b5b641cf4b068b21d5bdcc260abff7
SHA1

4f90fa22bb803158ff2d5abd99e5739817301215
SHA256

cb48130af903a9dcdb55d2a286f7ffbb442809f43c51ebc52c587daf4a062890
SHA512

fcad5a976de3f8d025081a94e6e3df5f70f90d689f9c57a6839ce2faabf3c8db07ba1da9b51b0e62178f0403ec7e5766b004247a06f647f3b1e4751b32cf70c5

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133233649068587746"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4352	chrome.exe
4352	chrome.exe
6960	chrome.exe
6960	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe
Token: SeShutdownPrivilege	4352	chrome.exe
Token: SeCreatePagefilePrivilege	4352	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe
4352	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4352 wrote to memory of 1988	4352	chrome.exe	109
PID 4352 wrote to memory of 1988	4352	chrome.exe	109
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 5108	4352	chrome.exe	111
PID 4352 wrote to memory of 4788	4352	chrome.exe	112
PID 4352 wrote to memory of 4788	4352	chrome.exe	112
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113
PID 4352 wrote to memory of 1112	4352	chrome.exe	113

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\download.png
1⤵
PID:544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcdb529758,0x7ffcdb529768,0x7ffcdb529778
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:2
  2⤵
  PID:5108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:4788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2264 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:1112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3252 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3388 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4596 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4728 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:4240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4920 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5080 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5228 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4968 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5376 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:3588
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:3068
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x21c,0x260,0x7ff610b77688,0x7ff610b77698,0x7ff610b776a8
    3⤵
    PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5336 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3264 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5004 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3176 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5800 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4932 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6004 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5924 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6276 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6432 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6596 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6604 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7020 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6964 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8012 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7892 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7472 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7452 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8160 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7412 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6776 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8588 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8648 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8620 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8480 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=9644 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=10492 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=11068 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10948 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=10888 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=10452 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=10208 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=10176 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=10152 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=9328 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9380 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=9364 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9356 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=9312 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9184 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8800 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5036 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:8
  2⤵
  PID:6596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=6872 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=5560 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9520 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8500 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9228 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9240 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=9572 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=9736 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=9416 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10892 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=10380 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=10104 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=7908 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:6776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8220 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=10780 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=7036 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=8468 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:6944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=5016 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:7108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=11924 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:7160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10408 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=4860 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=5396 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=6056 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=8824 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=7808 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:2068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=10012 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=9660 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=6204 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=8808 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5244 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=1560 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:5796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=7188 --field-trial-handle=1840,i,11879811803194034450,8026652281898814591,131072 /prefetch:1
  2⤵
  PID:6228

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3612

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2d8 0x2f4
1⤵
PID:6888

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

Filesize
1KB

MD5
55540a230bdab55187a841cfe1aa1545

SHA1
363e4734f757bdeb89868efe94907774a327695e

SHA256
d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

SHA512
c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\79d28098-2192-4d68-a950-51adc73df51c.tmp

Filesize
6KB

MD5
1e61f858029a394f877b0ce98e85fe93

SHA1
431ac7464a4dbf3433ee72a3adcc6d07733a4d65

SHA256
a8f2c9aca64051d55093723f717509a0396a0e509c3356c0dfc62e71e564357f

SHA512
dd238955fba4ed41f85c1eb0afd731a1c666c0aa6e97d9f23e69e3c66fb494050755c3c60580beda1a3051099aa9bdc01fb662759f601fa05bf85bdd374e29f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
26KB

MD5
9f853501868eaa01f063916ce9c4a9b5

SHA1
d6a2a0199c5509a2b6d7c5cd9c708061e25b674c

SHA256
202b28b23ab06f09ad5e6270becd2f7518740d2af5fb20e178a928b459e90551

SHA512
056d461b088848a1a7e49d3f0ec6be3947e9e3ba83b4900ee388ba67cd5455df7e65b5bbec860fa64371c3765e4d1d4b69c7c2a542b0e0924602abc9b744b092

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
23KB

MD5
1e8997255b5a30e920893dea990805bf

SHA1
f06d5e9aca192663bf0f63523d55b7175cafe81c

SHA256
a263f06da3833a6d0f2ad2e1a489ce61d13745345921657bf0ca81345f63f2d5

SHA512
19f3e1db301ca57d16e2bf866ec102aa8296331b49f6967bc3263b1f39a21d72fd7a6f3505c5481ffe0f1466e76f94c601c9e9a3a49f02b7eeea342d56d099ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
19KB

MD5
af016130ab7d36eafd45c9c66dd2a7c7

SHA1
3f0785871640c5fdb88aea7067f6035018c95b57

SHA256
40ad72425a98d2c71ce2556cf0ccea914d7a222d507f77aa05901d823c227623

SHA512
814095db094a59a15546415116d598d6b2ae5516bbea48ba8e30bdb15ecc5ca97a36d538b47e7ff812e8767d34ca58cf0e62f7eb33240939ebd29de164598e97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
38KB

MD5
8fc59260a3ae10ab364e84b1d709dfac

SHA1
a4ea8f85bec73a9c78f26249b777cad44cd14b50

SHA256
1a711ea02175c3e510fc8e3a373b8bc1ed5c644ac9dde7b4b4950440aa10d27b

SHA512
5a5b290df18e1c9645ecb8aac21145df0db28ffe3eaa09cd2cbebf1bee3f1b6ee575f952343978476688c4b06d083f74c2a1704353aab36e7b165d15d405e877

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
26KB

MD5
f4ec85fdbcaab53c9d77360b5343c176

SHA1
e400f5f909305c201094e4ab13f42e6e471d49a1

SHA256
a11c5960c7e58950a625fcec48d6f898a28c6f34318662902855e7571e2b939b

SHA512
c2ca14389b95dc82ab68e562bcfff01d90290ec73e654efacea1f5324ecf2babd0dfb01375a900165ae3a084544103b125c398f58060f147c84a30b4c6664b2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

Filesize
16KB

MD5
c1e7a912dc8316384c56401b377fe44d

SHA1
be7820d952d5e66d82a10675bcaa39b3159eb6fd

SHA256
43820d35a951b5b684a48fc0abf95afb4a0b6b2d2ed36e199cbb9d6d8555c886

SHA512
2c9f342072a0ccd591c8c3dff603fc0876f24adc71707af877c2cb96bd41becb7712f6bdf2870a7abff9edc4c5de07fb16abe20b08e57682e2852a7d21b7c897

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

Filesize
152KB

MD5
9bd6efdf20e4b71d2c761d90885ef207

SHA1
41f19f7e01ab4c586247d16c959e9571f202c681

SHA256
bc03405c468b70ed64d8c26d44440b148a1d4a0177983ac2d444a0f2f6aeb31e

SHA512
9a55a36aa075ed747159439ef1426b3c8728369ef6abdd7816f3cb8aa9d055afebadd512df7cfb2773942fd0717dd62ce120d710b2e4851356c115a45405d4f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
29KB

MD5
5841d561275bcb7d72d7ffc863483f80

SHA1
f0049f53248feb16a38852c1a03356b91becfa89

SHA256
11fa8ed8641b66f1b4f32a8193719e901e30724cc9ea0ed2dd779e1598f12292

SHA512
f1b6360aa3062d997ff68d260d4a1c96bb9bfb6b9921da1f233099470469260796d0f50d6f111d453a91912d518f844479f3bfcf3c91358220885afb17c1162f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

Filesize
464KB

MD5
101f4063782b432ffce0c7961cc84130

SHA1
3e3bda67a71d0e94b97dd3f3f9994559216037e9

SHA256
0ff5cb15027231035f6fecedc8e041aa5770eab96ae5dd963692734adc4e058e

SHA512
d8b87f5e720d9ea4831054ade375d4ff00d20a7687c2aedeacc2a27c6780dd7b01905f90f6c1e9b62da188e14de68ebdac36b94eb8a8ea8d5143d705f2f44d67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

Filesize
2.6MB

MD5
30886b960454fc8b3de93424aa9cb1b3

SHA1
0f9c50ebeb26d3f23c7889826ca3145edf4371fb

SHA256
a0fc75e78a493539d9f692d4aedc5417810bc4563efb571d38e4c895f7c587ac

SHA512
da98afd089b58d55e39d2780cf302308eeb0a6e9a49a664d54b8afd4e787d75cf41fdbbde7b9ed737571d311c2745872729594d7814407c158d24f64a153629e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004b

Filesize
60KB

MD5
1339ec70ef22f9a9bbc60211432c7b8d

SHA1
15965f972a1a3c3a62942d5cf53bf220f325cc01

SHA256
7125067e8ee20da59444918dc7c190803551bb7aa627d49dcc63ae82996aba30

SHA512
faab43ed7e42a3d439827691e8590b92f2d0460c09e9b45a0dd3e7de665f9afbcb9756c07e39a10257122cba890b9583fcca2152debb21027c90a0c105692fb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
28KB

MD5
97148bebedae50d7264d4d5405be0a3b

SHA1
db63df3856d8695f61b0c171b88d6ebc88620e36

SHA256
0c4b6a78c0561c36ed709f09039426304fcbe06e0f58e4e21209c59c401cba73

SHA512
715ec90a29469200118e4b483a94ea9861b8df8e70c672a0783d8957081d2fb7e995a6e1d91f8bacb978e512cc68ffd99d42e31c2456a7cf3c36ea43b089ae52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
03d333e743140683b3f2b17c9e322c50

SHA1
92ef80df2392e23e1f03e1299340a59a1da9fb84

SHA256
21aaadd1a25eaf1ad18643d69b44b5682e2453b3840d906f19ba22cfad271c16

SHA512
c0c762e7491db29977244d4ed863117c3394d03052272dfef534e5e55acb05c6c0c22ad0eb220b00c4e67e1e07a30ee244766de6583852b27ef2062a3e40364c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
429196e78488fcfc156a2c3f66de542f

SHA1
8587409f283929e79acec2c19edad7b8ed72ac10

SHA256
9f038c975563e8b6b554386362f165fac9fadf25c7250306323fcc610cf37e1f

SHA512
fd32e685e61526e407e5df454d9be0528f56650c3f55b23ea4a93a911eaab15e065c63967e60d6c2dedf82fd29f356c16ea32cca13d3e811c3f6e7506052b417

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
29faaacebd10650487f684a492afac0c

SHA1
fcf2bf61318aee2e4261482a99ad932a115fd7b6

SHA256
84113d60cc567caac5d5982a6e80aa6ec09627bbdd976aac0bf55b151addffe6

SHA512
7319b8b1cf56dc8f3e1f1ad54a8389c5cc99beddeb82bcdeba1c41a96abf598a3af9b7671326cefcb8f5b2740ea2afcd4021487a562ee362c598654818bc7fe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.chess.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\2f8289a9-bb01-4f94-8782-718358977347.tmp

Filesize
371B

MD5
1e491d948a7fdcb56cf83e338bfb2c5a

SHA1
fdebe88b9045c31cd8ed25b62697460ba5e6b119

SHA256
3750642a5ae322f1e383f69388da1ad9aa8a2f5dae09fc5ef0845f35cf9c5b1d

SHA512
f8a99432c0dacd3359d30e42ed2fe182a910210dc7c1b1e23195566a9e392df1a02d3c43f4500019d577293c1f202a70ac1873da38d91ce5f38323cc302908f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
14KB

MD5
91dd609e57a9a1bd57d9510869e3dfa7

SHA1
1e73884308578b0385711d4d5ccd59482457a5cb

SHA256
c192c5023eac998b7d354713681fa172827ec5b38156870c027223b7cbde6292

SHA512
a245c78b417038d094a778965a0a1d9312aef0c330d872bccb9d6574d0ab3bf105263e9410b524833b4eb1589c192c8bc86d4fc6162070e7c7beffac7009fb2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
f6370172f813bf5a56ef03ab136a8ce1

SHA1
e7c7aa3298e410c8667674bf13710b73e0c129d1

SHA256
590f40503ace34f204b8dc6ce63984a1a235a766f339ac727c6635c3e2b44e24

SHA512
90a38f985e8e2ad06c6f5b3897df810d9060db2cd6d529ef7e557370b73aa7d9c7a8068de21847f1630ae7c9788754f38bf38894c7f495323f4d8e2c0da4c1de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
abc52e4a534efb7d0d0ee645c754f67b

SHA1
1ba901d96586d7d9d933b03cf5b1731f46a7b6d4

SHA256
ed73f6ea4e63d33dc5b1565c783d84b9dc35556681ff22762415bacba6d7fa2d

SHA512
98dcf68185345879fcd305e2671e71aae045237823288930f24734bdd6399df9d57c4fef82837493aaa139d587c1a5253d0d7c6d437d36386d5661afc4358e19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
f67ce4fe7673be0e583768bcc1fbf3d6

SHA1
0db6597ae4dfb443bf42ab784e5fa5b2b7b6f179

SHA256
39ee328f5a00fb1a0dadd2c2cc33835bd70f21f85252808aff56e2fc758de442

SHA512
4c0acffb0d4ffa98bb68c98c1109e29b469a9eb714953567f39952219ca5e15ede420cd4ea0434b12b6bcc38af291f0fcf2990608de47aad81d181cdb1ab8b55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
363fa030c8835a9e80774fdc89898e0f

SHA1
d80d42647502e7759527e32858007cc27450a1a2

SHA256
322bf8ff9b0979e596754716cb1a77499f04d6eebe5949eadd719bf2c87bd203

SHA512
3e495b53946d7b0b576cc4f1c2ed3d31f7014f99ff7bd0ba2546354cd2ebde539d041e93735efb4fe1df62888ec68b523a71811a2eefccaac95706b3d1bc16c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1ef40d666228e4d1cb8acf4f6c1e57ab

SHA1
3695dcfb38f8235a0c24d9bce04c45d05eef2dac

SHA256
d412b54843aa30ce5289d1210856eb51624e0228227e7c0c67c0cd57f58235ae

SHA512
97948cfba60029845c27b57f9c88677f01372b6ab0a626590eb2f40e425a59fa6ce7566cd7fba32f3dd38d0e590397d6adcaa632eafbb79d01009078734ddaff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
08e0f8f690162ebd8013b6caf0548ac5

SHA1
166b5beea55a7c5517f3d6ac70632cb80eee4765

SHA256
437318f88be815cf2b2974ea5a4b2518d42fe2fc64a8da0f9a4b50d9f0fb71a0

SHA512
b91fd0000ca785e565d116c564842f6286b5bc3fca2464a0fc4d9338d51dfa6b8d8a7499941642e1967b63dbeac7affea6bedbf3d9485e55a49aadebee345ec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
4b3a7783eb0db2817fbcbd438b2d4967

SHA1
e3475336bf8de4762df1d622f68495f04f641a02

SHA256
ca4db191614e41f85bf1ffbedf7f682f389b55e39c73d479624c8c53faceab20

SHA512
3b4b2b76957b060e3289241ea4e47cc32352bcbd930a8e2d32f05419ad9887c214e7dbc965a4fa5a10f86f52cc709deecba91d26761f020ac90f9ea97549c69b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
e518cefce0aea393da3333f93330901b

SHA1
37e29584784aead8e85599dd6a2066ebf14e495f

SHA256
5c95a4baf803bb79ad24d4b8795c90096a86d8712b138914671ee4cde510b746

SHA512
2dbb7bd13d7b0b29f4861ae9c95f6963f48f980fab3b4a49aafb6c70a05e6890d038893aa929d1cd703648a88ebe115085b543991b8bc3d75eacb878e701f62e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
a766e6a704a56c7b1a42f5e21875dd5d

SHA1
260e19c86057c27199cbefd9f23679d81e914c68

SHA256
49c3c5e48593fbb7fc9e06f823c118c862716780ea440af433c693dbe168f365

SHA512
3982bbfae9a84032854386b53c6944d8bbc9666568c5d767de5c985f2e17e7df257f3705f5d444bd4589b17a731541b9ae28a3527c87311f090ed0674b15990d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
70287265a17704e22335a0f18063d0c0

SHA1
b23238c70e23a52a83e30ceab72e49538844197d

SHA256
dbaa170d5d0405e6c9f14f91022b66b2fa761b77235d2f7b725a8fab84817b3f

SHA512
d8a0a2629d7dbe1cd5d2d95f432235141b31773b1714d61c826685f1e3a9c437d83d9881dc8f2eb3a0ebd0675f347dce52342f38191598e752a4d2b564c337c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2f0afec944ffbbc2c0c9b0ac1445d126

SHA1
e4a331731ecccd3fcea6ddde41679eb063624349

SHA256
58329f2010883b5bf59a3de3b120cac182cf0cdf53a6ce064c072a7a4082d6a5

SHA512
30e4ebee7bf8abbc6d9ec7767ba083bf9ff87a2a00ce31d01205eac6b15a85ef46789ba575df19b8cc8bfa0d3a57ee4e34b286f50b5cc6064ca2f21cf5cf9c2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0f455eda87b4138c02e1b64082509652

SHA1
83f1323e7c6ea6c239ae596de039032404de1e37

SHA256
0b79b404ff02fab9cfc790403da2d04c367d3e30074677ad12a3843c7d2200fc

SHA512
0b93039f8fe844dd9a2ac11774b937df2fd611c0009c64176b8d4013239f7a62b005216743b7cf46e56f24c347585622083ead6a6e5834d049d354f3f5a38a26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
88b40aa6e37706335c83a55c92e1a5c3

SHA1
3c90fbd385cb0c132461e65b37daee824a698c8f

SHA256
aacc9908dab868175b23780d795e40c0c0a911d1330ff970c1e0bcae8442e146

SHA512
48849e212672254f73dc2643ce28bfcb722038df6a4dc691ee6fa30907eae283ce4e5bf0342e54ffea7d04ac9ea9f21bd4b2941dc532192b13e9455e36f2833f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
9b4e9c7ec1dfca71997df3d679f227b7

SHA1
8f1a8e172642e6496f8a544b624aea920a462713

SHA256
1017acc07eb873b8d2834553fdbb7a2be80ef6b3ab14afc85a3d6d28af0872e6

SHA512
a3d6bf5b6f6b06f9ada0b02e32e60476dd4775fdd48057985e333e2e56e8a6ba9cdc0b3870946059dc7a956f5be5a2fb7499704335ada121efee718e7155cea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe659b80.TMP

Filesize
48B

MD5
2f69213474f9e5e36db8e17f88087081

SHA1
6ad90635865b8a944629bb288ff5afcd9c118c19

SHA256
115e947c5babc0ad708cf66478ba1f3173f1dae45aa51876dccaafc0f9ab9d5e

SHA512
f7e116e2968f54585ebe72ece8e7ab05118c6b92bd38f234b58e50973e4d2dc4c68442b9113a54cd56b6415c82a41d0574f3a1bdf21ec274a85b5d84a7b09be4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
145KB

MD5
96253b72facb5cd3379f067f7164e985

SHA1
d8c5e58f1c70077b8024e2f8f789520fb994453b

SHA256
56d206b1d5bdc8bd5f70424039eab41d1ce7a3ab8a7b38fce91584457405d7de

SHA512
ec805405b28fb79c5bd725688763e8043d1b75c9b84a4fe7062d506ec0dd9bf287da17af59dc0bb932c8fe7aeed9aa8faca88358b07dacab0b686a56032d5f0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
55ffa0fe2ba6309e9dba85a37acbb03d

SHA1
bba41631b70764262c7c470b61615a60c7a829f9

SHA256
b025235d45f10d6e2f296347c5725b9696ac452cf4db8c1881c5a8df166e3b13

SHA512
9d56cc86bdff7a2430769a0d763f473ac21dac645cd38d134ee56219bee687256dae283ffd12ef01d9b00c4a9b62c178b303b6aea08b7fab08cf135e1d52db2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
ad43c80b59368ec68dacc448df73e559

SHA1
f28264d3d037922e1341ea0d32cbce68b712d834

SHA256
5d9bb2d568a6a3de5f79e49062587d353b90f1d589d73610faa3787be5688c81

SHA512
3d4011c633585875bd38097512a9cb817092f1efc8eb93b0d485cf27d04571b4a502ea49c816cc40c4a8dfde199dc2a93df3954dd445e38b0a2d2dbc779404ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe653813.TMP

Filesize
97KB

MD5
653ee8bf8a578e5db8de4601b77e0d5b

SHA1
83b374ceec83b0789856fed835d488ecb936ddc0

SHA256
6a1a52f124a006d52dd6f6ceceb1e5524b3213ce7bffb61b6582890f47a5c942

SHA512
b70fd351a1be45bde48b9330f1d98d2368b7e6f372a613a734519ca30e44020a6d3b753d93dc1c9a0a85656d006e739287e3c6ef562a154c34db534f454ecbb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit