Analysis
-
max time kernel
152s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-20230221-en -
resource tags
arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system -
submitted
16/03/2023, 17:46
Static task
static1
Behavioral task
behavioral1
Sample
Chess Master.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Chess Master.exe
Resource
win10v2004-20230221-en
Behavioral task
behavioral3
Sample
lib/stockfish.exe
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
lib/stockfish.exe
Resource
win10v2004-20230220-en
General
-
Target
Chess Master.exe
-
Size
83KB
-
MD5
05835ced0124d967ee2d1dfbd0448334
-
SHA1
ff24e80801fd73dcfbd3a43f984dff7d2980b91d
-
SHA256
8e2b1a8b0bd4a33c40ee3a1dd2ccd05263eff0c6bc409db25b5ca5b70d50ad3b
-
SHA512
43b01c3d0988fbbd0c3efb1256459d0cd1d9928fe35bacf93c7abbfd54c1c536d5eb96d8b3736d25ebe02d0afa2ef3bf578193f92bae905da189189f36e9fe4c
-
SSDEEP
768:sOf+p+W+7pd1W6Mpnlg5bsibOMvDiO/18NEfg7i4ThlNefBYnUJYcyKkfep:sKonKZ/94Va59Xkf
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 3036 2360 WerFault.exe 93 -
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe -
Modifies data under HKEY_USERS 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133234661206617679" chrome.exe -
Modifies registry class 1 IoCs
description ioc Process Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2805025096-2326403612-4231045514-1000\{78B7BB26-9FCA-42C9-8990-B967EDF85DF0} chrome.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 388 chrome.exe 388 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 62 IoCs
pid Process 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe -
Suspicious use of AdjustPrivilegeToken 64 IoCs
description pid Process Token: SeDebugPrivilege 4456 Chess Master.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: 33 1000 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 1000 AUDIODG.EXE Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe Token: SeCreatePagefilePrivilege 388 chrome.exe Token: SeShutdownPrivilege 388 chrome.exe -
Suspicious use of FindShellTrayWindow 28 IoCs
pid Process 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe 388 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 4456 wrote to memory of 1252 4456 Chess Master.exe 85 PID 4456 wrote to memory of 1252 4456 Chess Master.exe 85 PID 4456 wrote to memory of 2360 4456 Chess Master.exe 93 PID 4456 wrote to memory of 2360 4456 Chess Master.exe 93 PID 388 wrote to memory of 3656 388 chrome.exe 103 PID 388 wrote to memory of 3656 388 chrome.exe 103 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 3496 388 chrome.exe 104 PID 388 wrote to memory of 2352 388 chrome.exe 105 PID 388 wrote to memory of 2352 388 chrome.exe 105 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106 PID 388 wrote to memory of 4196 388 chrome.exe 106
Processes
-
C:\Users\Admin\AppData\Local\Temp\Chess Master.exe"C:\Users\Admin\AppData\Local\Temp\Chess Master.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4456 -
C:\Users\Admin\AppData\Local\Temp\lib\stockfish.exe"C:\Users\Admin\AppData\Local\Temp\lib\stockfish.exe"2⤵PID:1252
-
-
C:\Users\Admin\AppData\Local\Temp\lib\stockfish.exe"C:\Users\Admin\AppData\Local\Temp\lib\stockfish.exe"2⤵PID:2360
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 2360 -s 1843⤵
- Program crash
PID:3036
-
-
-
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -pss -s 484 -p 2360 -ip 23601⤵PID:1388
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:388 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc71489758,0x7ffc71489768,0x7ffc714897782⤵PID:3656
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1836 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:22⤵PID:3496
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:2352
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2280 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:4196
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3224 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3224
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3256 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3932
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4576 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3752
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:3220
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4764 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:1276
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:2328
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:4928
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5200 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:4064
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4880 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:1304
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5328 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:1644
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5472 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:4060
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5436 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:1544
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3252 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:936
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5976 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:5080
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5908 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:2224
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:5112
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6236 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4508
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6296 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4804
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6436 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4288
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6596 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4892
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6776 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4200
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6936 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3604
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7112 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:2044
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7124 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:2112
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7432 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3688
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6616 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5200
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7628 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5264
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7720 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5272
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=7708 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5452
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7584 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5496
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8332 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5580
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8508 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5652
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7572 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5748
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7636 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5844
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8168 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5940
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8988 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6128
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9116 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5184
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=9120 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4304
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9424 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:5780
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=9628 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6176
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9808 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6240
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=10028 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6332
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=9592 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6340
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=10256 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6504
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=10412 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6512
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=10400 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6640
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=10844 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6740
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=10980 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6812
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=11108 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6820
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=1696 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6948
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=10932 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:7016
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=10628 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6936
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=7028 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3748
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8528 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵
- Modifies registry class
PID:3972
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=6988 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:1136
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=7000 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:2952
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=7012 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:2708
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=6972 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4504
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=6948 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:448
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=10568 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4720
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=6720 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3600
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=11216 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:4012
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=6624 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:1852
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=6728 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:1680
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=11116 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:7012
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=11140 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6352
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12008 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:7004
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12140 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:6996
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=11100 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6988
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=7248 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6984
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=11584 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6968
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=11604 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6980
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=11400 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:6960
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=11404 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:12⤵PID:3144
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11052 --field-trial-handle=1856,i,5517593392208154832,4843238887168741033,131072 /prefetch:82⤵PID:5188
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:2728
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4bc 0x44c1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1000
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD555540a230bdab55187a841cfe1aa1545
SHA1363e4734f757bdeb89868efe94907774a327695e
SHA256d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54
-
Filesize
50KB
MD5b6e88a3579b069d1dfa508ce80141692
SHA158ca857eccab1029cee1fdf9c6e58c6213104890
SHA256ee93e8531617814b75b8ba779b12fbed8cefd2ef3e59ada38e06f7fa2c3b02de
SHA5121cce85aaa83000f5a1ddb82b6ff10cdae7af79aed4695d2144c0e5bdb4217d48f101c56295c4ebfcd88c9317f66ba5a34e44b5c846c055c94c3d9a6ff52c681f
-
Filesize
35KB
MD5bde955da2650abb5aa4a45005f8987c9
SHA146bb3e8cfcec6d55f9d43c15bb6390a1202cd02d
SHA256a48f2afad767c0fae12ee56644fd7d6a3dab05715e175368e458eff81e62d748
SHA5127d7cd4c58847a48755c48a4987afc5c1a6ac1913b374408b92f4f3650b7c50f5ec709bdc416e28be981a05b492d2160915db0a067e5641d5fbdfa97e1d5095f9
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
Filesize16B
MD546295cac801e5d4857d09837238a6394
SHA144e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA2560f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA5128969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
Filesize23B
MD53fd11ff447c1ee23538dc4d9724427a3
SHA11335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA51210a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824
-
Filesize
4KB
MD50f45153e42f7ba206f1505b029eb7fc2
SHA1a0c6e185a0de0e9af0a9ccbc205585d0f2d9e8fa
SHA256098815a199f7e88c0158ab6e6e56981cd541fc29489282364f038af8ba7acd94
SHA5122e2702b5731e17ba4bd46ed245c31fcf3c9a0a40ad2b681389383b9b69ebf82eeb0943cfced8c8b2e805c8180759680ccfe49f9a2941795212c4518747c59d36
-
Filesize
5KB
MD55dca7e3bb00fd21ab20b70751efc16f8
SHA182e1d115e2b9dbeb4325603f03aca586861d2bde
SHA25653f5e15045a18aeeaa017e6837c8dc8820c1dfc675de4a48a3fd4855ea84fb4a
SHA512a9a6cfeafaec5e63b661928576bec9c388ac9465f0a46aa98fc93e4f3809ace9753e9983049b249dd03536bead9ab66ce14f256be24106bc83d4de80f195ced9
-
Filesize
371B
MD51c95365c3bec7bec6a5520c4064591b2
SHA12defefe5ebaf4fb9dca775724af35f550d080452
SHA256c2e387bcfca15dd25b5fada9d2a2af72349126d4465aa5cb4f16a2400bed56ac
SHA512f197d13cadd8a3e3c50d8d192913c0cb9742dfa1fbc37fbf8d1eb0b3555fc661d764c9542976f949bd641d3830421eec23dd5edda5abe25b079d0274f6a42dbc
-
Filesize
2KB
MD54a01e8474792254f47309150b96fb2e1
SHA18bd62ede1206763d4d51a0ce97dd547e7abdbc15
SHA2566bcff67543781697d04452ab0cddecc12d5366705a7ff69c376c770db7c5f3e0
SHA51299f57c900010fab0c56fdfb6524b3b0cb62c0cf3e1fad195121a30f0ca4b4f7c7444541b83aca8b365179af03e9f6116a415cc89627f34e9b911ce41fdcfae8d
-
Filesize
6KB
MD5f2b229e519f54e7573ba1e51a2a1da6e
SHA154b6f465db6841fb9cea20fa93442fbc0738954d
SHA2566ed3f4f7db0bc190777fd82706d801a2380a730e0147c2598fa8e8d3e1eb8fb2
SHA51298cff969e8daed691f320770d9ecf053bb16cf3301ae5124132477d407de3523a291b7b1d0107b1136d271d97366167d20e4508a95d1c2be6a7427cca680d5a4
-
Filesize
6KB
MD50b1a4280a78e9b6953bdfcb912e5337e
SHA13464d0184c1fc6cecffde341d0c344009656573d
SHA256e054e40efccbb4b7779f47d3505f02aad2d8701a6327157ecb1846f7712ca3fa
SHA512eb2e0d6c32ee956e095e02126f027fbfe4aad3d1dda00cb64dff3f99b9625f8d0b9482752e1799e7ae30323fc82716675a5110d5e1148feda57acab82ad7dfd5
-
Filesize
7KB
MD5266ce1b67dcd4edccde028f799cfd091
SHA1d3a23a512685b338360a94e34af90ccae3d8d80b
SHA25654ec313900f28bb09df32b4165f55a6ae1fd6136f2fdef4bf1192769fcc0ceb2
SHA512c0c11801a981d592202a0a3f0735d864ffec77f0680de6a837a65f833dae6b8e13f74e04f4e52ffd8dddee2a3049d51f8bac092281f109ae841f838643d0ca16
-
Filesize
6KB
MD58c1190d1b176a12b13cd1557485af7b4
SHA16b0cb371b4ef56a2676af4f5c34ac7fd88e90364
SHA2565d02302713e35580519762d541f06892fe55fde37cd2574fe78ac8513b2b1bd5
SHA5125d6f9755485766b8d024229ad772c33cd344e5bda7d4f8b587b17022c263ef141dd8371e7ef04f4c7554e05820b386ddb63c3b3d2c5da8ee0ef10427d55b082f
-
Filesize
15KB
MD59810b8c346678a77f38e9dab200d52ed
SHA158813c0a36f6d5c5f741787f643cf580fc8b25c8
SHA2560384a38634dbaccb5c5887e8d9de7532f28aa59082018ba889c242d2b14201c2
SHA512842448deda51605cd5b90a890be4cd391d1ba0e27d21a776cb9da215a141160d961c25b01e44a255e980bb4bac12be48e756d2f4faa023d5f7c7fbf2042a4baf
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize56B
MD594275bde03760c160b707ba8806ef545
SHA1aad8d87b0796de7baca00ab000b2b12a26427859
SHA256c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA5122aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize120B
MD5cdfa5bb7ef6ccaa3a5be443d1f81d42a
SHA14505d49db4018f723377ad7c7e1a26c68cbd652d
SHA2566f26e95cc81b200203a939bf15ccd52dd2a351164fbee954fe42d9ad80834692
SHA51253e6f90e41a976549e0cf77f12bbfa3777b2d92881244a9dc198e1e5a18d81ed3683db18fed94aa92ebdf6f70675dd1b75499ceb366ca15296faead1012f4ba7
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5852ed.TMP
Filesize120B
MD5b64c313dcc11ee6db260e715d5aa8d3e
SHA139fdb700ff4cbd3d4f494514f7f42ccdb3178fd7
SHA256bb73bf202326402b9f574365a34cd4cfe9fdad319af29b9936023fec7034a3f2
SHA5128a4bb0f24bcb6fa08a6cde1788b0d1afb5caf6d714a50612c5e3fc8137bf8063f5bdf81ab92f7c6553feb6d86ae0ecd952d93bbb31bfcca6517272df5fb91e21
-
Filesize
142KB
MD522a90c340ba37d23f43f8ec1641b1723
SHA1c2f2498b4831ceee627430395873462b983fb983
SHA256db6dddc684b6ca343ce22801cbfc85c37566484625365bd6d1f468fb961d8ab8
SHA512a33317885b7ed0bfbfe80c38df9b943c5724559fda8952f143aba29850dfb2346e67786900e1d13b8c9bb063e2677c04fc954aa87ce239640c4f3e121ad3e89e
-
Filesize
142KB
MD5994976b52d5e2ca30d09a67541a404ab
SHA153aa26a5e7f578c752a43a1a6eed769141ee65ca
SHA256fa19eb305e83af4cce02368945fc5b822e50aa792eb3c3a2a7bbab5d8b401893
SHA51208906d42ce0fdb1ce5be0265d407bee03b1334009a60c4c5edae45c5a0e836dddc665bedb8288839f31af7e9687eef1fa089fc08caf660270aba2e78d744c68d
-
Filesize
2B
MD599914b932bd37a50b983c5e7c90ae93b
SHA1bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA25644136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA51227c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd