lumma | ec6df713446a8dd5efb376fbb7b444ed7e09f5cdd98c0494999b64af2e2d5537

Analysis

max time kernel
1690s
max time network
1693s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2023 22:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

krnl_beta.exe
Size

1.8MB
MD5

3701dc535fb395d6a1fb557a3aeec5e9
SHA1

ef517659229ddc6ecfc02481c3953ac9322dae35
SHA256

ec6df713446a8dd5efb376fbb7b444ed7e09f5cdd98c0494999b64af2e2d5537
SHA512

20dc14387138f913034bd2c265156dca1f36c128c040a99d6904fe6f1830d2f98afb3dcf0553817adb66e480be7d0fb0d7df58f0feb9b007a5a6bab648b081a2
SSDEEP

49152:+P1uB0SVp4+KSxyrRUzS65+x+rnxYr9PC:+Pk0ST4+RgRUzS65+x1ZPC

Score

10^/10

lumma discovery evasion spyware stealer trojan

Malware Config

Signatures

Lumma Stealer
An infostealer written in C++ first seen in August 2022.
stealer lumma
Downloads MZ/PE file

Checks computer location settings 2 TTPs 6 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

KrnlUI.exeRobloxPlayerLauncher.exeRobloxPlayerLauncher.exeRobloxPlayerBeta.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	KrnlUI.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	RobloxPlayerLauncher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	RobloxPlayerLauncher.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	RobloxPlayerBeta.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	CefSharp.BrowserSubprocess.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\Control Panel\International\Geo\Nation	CefSharp.BrowserSubprocess.exe

Executes dropped EXE 13 IoCs

Processes:

7za.exe7za.exeKrnlUI.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeRobloxPlayerLauncher.exeRobloxPlayerLauncher.exeRobloxPlayerLauncher.exeRobloxPlayerLauncher.exeRobloxPlayerBeta.exe

pid	process
1268	7za.exe
4388	7za.exe
2504	KrnlUI.exe
1300	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4800	RobloxPlayerLauncher.exe
5244	RobloxPlayerLauncher.exe
1912	RobloxPlayerLauncher.exe
1952	RobloxPlayerLauncher.exe
5360	RobloxPlayerBeta.exe

Loads dropped DLL 58 IoCs

Processes:

krnl_beta.exeKrnlUI.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeRobloxPlayerBeta.exe

pid	process
2404	krnl_beta.exe
2404	krnl_beta.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
5360	RobloxPlayerBeta.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Checks whether UAC is enabled 1 TTPs 2 IoCs

evasion trojan

System Information Discovery

T1082

Processes:

RobloxPlayerLauncher.exeRobloxPlayerLauncher.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	RobloxPlayerLauncher.exe
Key opened	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	RobloxPlayerLauncher.exe

Drops desktop.ini file(s) 1 IoCs

Processes:

svchost.exe

description ioc process

File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini svchost.exe
Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

description	ioc	process
File opened for modification	C:\Users\Admin\Videos\Captures\desktop.ini	svchost.exe

Drops file in Program Files directory 64 IoCs

Processes:

RobloxPlayerLauncher.exe

description	ioc	process
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Squads\t.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\AnimationEditor\btn_collapse.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\NetworkingUserInfo\NetworkingUserInfo\networkRequests\createGetFollowersCount.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Shared-07417f27-17.0.1-rc.17\Shared\Symbol.roblox.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SceneManagement\SceneManagement\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\icon_admin-16.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\places\MobileChatPlace.rbxl	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\JestConsole-edcba0e9-3.2.1\JestConsole\BufferedConsole.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ShareLinkInvalidModal\ShareLinkInvalidModal\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\NetworkingUserInfo\Rodux.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\roblox_networking-presence\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\RoduxNetworking\RoduxNetworking\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphqlHttpArtifacts\GraphqlHttpArtifacts\players-success\thumb\get.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\avatar\scripts\characterStateMachineLoader.rbxm	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Emittery\LuauPolyfill.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\JestConfig\JestConfig\setFromArgv.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Merge\Merge\typedefs-mergers\type.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphqlHttpArtifacts\GraphqlHttpArtifacts\virtual-event-update-rsvp-success\apis.roblox.com\post.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialLuaAnalytics\SocialLuaAnalytics\Analytics\FireEvent\toStringAdditionalArgs.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\AnimationEditor\btn_edit.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ViewSelector\back_hover.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Shared-07417f27-17.0.1-rc.17\Shared\ReactTypes.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\FriendsLanding\FriendsLanding\Components\FriendsLandingPage\noResults.story.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQLServer\GraphQLServer\graphql\resolvers\mergedResolvers.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UserLib\UserLib\Models\MockUser.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\Settings\MenuBarIcons\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Expect-edcba0e9-2.4.1\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\textures\ui\LuaApp\icons\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\JestDiff-edcba0e9-2.4.1\JestDiff\Constants.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Collections\Collections\WeakMap.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\InfiniteScroller\InfiniteScroller\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\TestUtils-edcba0e9-2.4.1\JestTypes.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Util-96003ad7-0.7.0\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\InspectMenu\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\RobloxShared-edcba0e9-3.2.1\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\QRCodeDisplay\QRCode.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\RobloxAppEnums\RobloxAppEnums\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\SocialTab\SocialTab\TestHelpers\isAutomaticSizingEnabled.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\textures\ui\LuaApp\category\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\ExperienceChat-201ca530-56b79d20\ExperienceChat\Commands\RBXConsoleCommand.spec.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-2fca3173-0.3.4\LuauPolyfill\Array\reduce.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\RoduxFriends-0ba25b72-b001fcbe\RoduxFriends\Reducers\Friends\requests\receivedCount.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ProfileQRCode\ProfileQRCode\Flags\getFStringProfileQRCodeFriendRequestAlertsLayer.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\Expect-edcba0e9-3.2.1\Expect\utils.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\JestConsole-edcba0e9-2.4.1\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\llama\llama\Dictionary\set.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\RoduxShareLinks\RoduxShareLinks\Enums\LinkType.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\NetworkingContacts-96003ad7-1.12.0\NetworkingContacts\networkRequests\createGetContactEntitiesByContactId.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\ReactIs-a406e214-4230f473\lock.toml	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\UserSearchTestSuite\UserSearchTestSuite\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\AnimationEditor\img_key_border.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\PlayerList\developer.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\DomTestingLibrary\DomTestingLibrary\event-map.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\LuauPolyfill-12e911c4-90b08185\LuauPolyfill\Boolean\toJSBoolean.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\RoduxShareLinks\RoduxShareLinks\init.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\PrefetchProtocol.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Otter\Otter\.robloxrc	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\PlatformContent\pc\textures\plastic\normaldetail.dds	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\VoiceChat\SpeakerLight\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\GraphQL\GraphQL\execution\__tests__\executor.spec.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\JestCore\Promise.lua	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\content\textures\ui\BottomRoundedRect8px.png	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\textures\ui\LuaApp\icons\[email protected]	RobloxPlayerLauncher.exe
File created	C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\ExtraContent\LuaPackages\Packages\_Index\ExperienceChat-2bd849d2-78d25f7e\ExperienceChat\Actions\LocalCharacterLoaded.lua	RobloxPlayerLauncher.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 44 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

svchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	svchost.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	svchost.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 12 IoCs

adware spyware

Modify Registry

T1112

Processes:

RobloxPlayerLauncher.exeRobloxPlayerLauncher.exeRobloxPlayerBeta.exe

description	ioc	process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0"	RobloxPlayerLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	RobloxPlayerBeta.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\RobloxPlayerBeta.exe = "11000"	RobloxPlayerBeta.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox	RobloxPlayerLauncher.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player	RobloxPlayerLauncher.exe
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player	RobloxPlayerLauncher.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio	RobloxPlayerLauncher.exe

Modifies data under HKEY_USERS 32 IoCs

Processes:

svchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exesvchost.exechrome.exesvchost.exesvchost.exesvchost.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "5"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "9"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "15"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "11"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "16"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "1"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "6"	svchost.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "4"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "13"	svchost.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133247809770065414"	chrome.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "2"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "12"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "17"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "18"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "3"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "14"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "10"	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "7"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe
Set value (int)	\REGISTRY\USER\.DEFAULT\Software\Microsoft\Direct3D\LastTelemetryChangeStamp = "8"	svchost.exe
Key created	\REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Direct3D	svchost.exe

Modifies registry class 62 IoCs

Processes:

RobloxPlayerLauncher.exeRobloxPlayerLauncher.exesvchost.exesvchost.exesvchost.exesvchost.exechrome.exesvchost.exesvchost.exechrome.exesvchost.exesvchost.exesvchost.exesvchost.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioLauncherBeta.exe"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\DefaultIcon	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\URL Protocol	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\ = "URL: Roblox Protocol"	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe"	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe\" %1"	RobloxPlayerLauncher.exe
Key deleted	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\ = "URL: Roblox Protocol"	RobloxPlayerLauncher.exe
Key deleted	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open\command	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{33E5E126-B40D-4B5C-BA15-1D23A540531C}	svchost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\URL Protocol	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe"	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioLauncherBeta.exe\" %1"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe\" %1"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{E5A7E3F9-22B4-42E3-A436-D8B8FAF6FCD5}	svchost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\DefaultIcon	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{BF5DA911-878C-4C24-BDD0-4AE7E8E5BE07}	svchost.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{0C664EA2-195D-4F6F-A8A5-558F2510567E}	svchost.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe\" %1"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{1DF61756-25F5-43E0-9012-26A45D33DE86}	chrome.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{5D7D4774-6E28-4607-A0AC-5D181E1F7220}	svchost.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\ = "URL: Roblox Protocol"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell\open\command	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{A341F877-933C-4A5A-A952-AB95818AA3E0}	svchost.exe
Key deleted	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open	RobloxPlayerLauncher.exe
Key deleted	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe\" %1"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open\command	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\URL Protocol	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\ = "URL: Roblox Protocol"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{CDEC4392-D4AE-46A3-8EE1-33566F32823C}	svchost.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\URL Protocol	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\ = "URL: Roblox Protocol"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\DefaultIcon	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell\open\command	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{3EFB5876-285B-40C7-939B-DEA7C5666AD9}	svchost.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{3E8A58D7-458E-4C31-BCC5-E1ADBA8E31E4}	svchost.exe
Key deleted	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\DefaultIcon	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe"	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\URL Protocol	RobloxPlayerLauncher.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\version-be30b823d3fc46a0\\RobloxPlayerLauncher.exe"	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox\shell	RobloxPlayerLauncher.exe
Key created	\REGISTRY\USER\S-1-5-21-1529757233-3489015626-3409890339-1000_Classes\roblox-player\shell	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\roblox-player\DefaultIcon	RobloxPlayerLauncher.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1529757233-3489015626-3409890339-1000\{6447C389-37D6-4960-95EE-BD0E00559D60}	svchost.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

chrome.exeCefSharp.BrowserSubprocess.exeKrnlUI.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exechrome.exeRobloxPlayerLauncher.exe

pid	process
4208	chrome.exe
4208	chrome.exe
1300	CefSharp.BrowserSubprocess.exe
1300	CefSharp.BrowserSubprocess.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
436	CefSharp.BrowserSubprocess.exe
436	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
780	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
2404	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
4900	CefSharp.BrowserSubprocess.exe
5376	chrome.exe
5376	chrome.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
2504	KrnlUI.exe
2504	KrnlUI.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe
4800	RobloxPlayerLauncher.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

RobloxPlayerBeta.exe

pid process

5360 RobloxPlayerBeta.exe

pid	process
5360	RobloxPlayerBeta.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

Processes:

chrome.exe

pid	process
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

krnl_beta.exe7za.exechrome.exe7za.exeKrnlUI.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exeCefSharp.BrowserSubprocess.exe

description	pid	process
Token: SeDebugPrivilege	2404	krnl_beta.exe
Token: SeRestorePrivilege	1268	7za.exe
Token: 35	1268	7za.exe
Token: SeSecurityPrivilege	1268	7za.exe
Token: SeSecurityPrivilege	1268	7za.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeRestorePrivilege	4388	7za.exe
Token: 35	4388	7za.exe
Token: SeSecurityPrivilege	4388	7za.exe
Token: SeSecurityPrivilege	4388	7za.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeDebugPrivilege	1300	CefSharp.BrowserSubprocess.exe
Token: SeDebugPrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeDebugPrivilege	436	CefSharp.BrowserSubprocess.exe
Token: SeDebugPrivilege	780	CefSharp.BrowserSubprocess.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeDebugPrivilege	2404	CefSharp.BrowserSubprocess.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe
Token: SeShutdownPrivilege	2504	KrnlUI.exe
Token: SeCreatePagefilePrivilege	2504	KrnlUI.exe
Token: SeShutdownPrivilege	4208	chrome.exe
Token: SeCreatePagefilePrivilege	4208	chrome.exe

Suspicious use of FindShellTrayWindow 43 IoCs

Processes:

chrome.exeKrnlUI.exe

pid	process
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
2504	KrnlUI.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe
4208	chrome.exe

Suspicious use of SetWindowsHookEx 5 IoCs

Processes:

RobloxPlayerBeta.exeOpenWith.exeOpenWith.exe

pid process

5360 RobloxPlayerBeta.exe
5360 RobloxPlayerBeta.exe
5408 OpenWith.exe
4968 OpenWith.exe
5360 RobloxPlayerBeta.exe

pid	process
5360	RobloxPlayerBeta.exe
5360	RobloxPlayerBeta.exe
5408	OpenWith.exe
4968	OpenWith.exe
5360	RobloxPlayerBeta.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

krnl_beta.exechrome.exe

description	pid	process	target process
PID 2404 wrote to memory of 1268	2404	krnl_beta.exe	7za.exe
PID 2404 wrote to memory of 1268	2404	krnl_beta.exe	7za.exe
PID 2404 wrote to memory of 1268	2404	krnl_beta.exe	7za.exe
PID 4208 wrote to memory of 4848	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 4848	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 1980	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 4372	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 4372	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe
PID 4208 wrote to memory of 3972	4208	chrome.exe	chrome.exe

C:\Users\Admin\AppData\Local\Temp\krnl_beta.exe
"C:\Users\Admin\AppData\Local\Temp\krnl_beta.exe"
1⤵
- Loads dropped DLL
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2404

C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe
"C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe" x "C:\Users\Admin\AppData\Roaming\Krnl\krnl.7z" -o"C:\Users\Admin\AppData\Roaming\Krnl" -aoa -bsp1
2⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:1268

C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe
"C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe" x "C:\Users\Admin\AppData\Roaming\Krnl\Data\Community.7z" -o"C:\Users\Admin\AppData\Roaming\Krnl\Community" -aoa -bsp1
2⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4388

C:\Users\Admin\AppData\Roaming\Krnl\KrnlUI.exe
"C:\Users\Admin\AppData\Roaming\Krnl\KrnlUI.exe"
2⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:2504

C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --log-file="C:\Users\Admin\AppData\Roaming\Krnl\debug.log" --mojo-platform-channel-handle=2132 --field-trial-handle=2284,i,10094058947058179918,5996322625070453706,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2 --host-process-id=2504
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1300

C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Users\Admin\AppData\Roaming\Krnl\debug.log" --mojo-platform-channel-handle=2144 --field-trial-handle=2284,i,10094058947058179918,5996322625070453706,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=2504
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:436

C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Krnl\debug.log" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=3032 --field-trial-handle=2284,i,10094058947058179918,5996322625070453706,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=2504 /prefetch:1
3⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:780

C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --log-file="C:\Users\Admin\AppData\Roaming\Krnl\debug.log" --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3024 --field-trial-handle=2284,i,10094058947058179918,5996322625070453706,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker --host-process-id=2504 /prefetch:1
3⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2404

C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
"C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --no-sandbox --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --log-file="C:\Users\Admin\AppData\Roaming\Krnl\debug.log" --mojo-platform-channel-handle=2272 --field-trial-handle=2284,i,10094058947058179918,5996322625070453706,131072 --disable-features=CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 --host-process-id=2504
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:4900

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4208

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa28a59758,0x7ffa28a59768,0x7ffa28a59778
2⤵
PID:4848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:2
2⤵
PID:1980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:4372

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:3972

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3176 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3340

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3320 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:4800

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4572 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1880

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1172

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4832 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4972 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:2360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3376 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1952

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4976 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3264 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:896

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5252 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:2928

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5544 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5452 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3744 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5588

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5660 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1356

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5704 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:2804

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3408 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5716

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5772 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5916 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:4232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4632 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:4476

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5840 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4628 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5052

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5896 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:828

C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe
"C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe"
2⤵
- Checks computer location settings
- Executes dropped EXE
- Checks whether UAC is enabled
- Drops file in Program Files directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
PID:4800

C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe
C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://upload.crashes.rbxinfra.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=b30562552e929b28b3892128001fd4fb6e2722a8 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x6d4,0x6d0,0x6c8,0x6bc,0x778,0x98b480,0x98b490,0x98b4a0
3⤵
- Executes dropped EXE
PID:5244

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5956 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5376

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4736 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:4828

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3364 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:1352

C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerLauncher.exe
"C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerLauncher.exe" roblox-player:1+launchmode:play+gameinfo:wSH5TyYhFhF93N8rY8R9p7DO6aK2QRzSGoUZrrN66lv7iJkQPQN6Zdx0q5PYG73Nyajuy_T96NCWgXnGZUe4htq-XAJXFq_WlgOOHWTa09TFa0kRAXNciUPqZQ_uKHtWeqacTFfipwteS32u8US-g1LW8C9YguVx4Ce1suWRc7NQ7rp1zlMlsshxhoobxpOgU14ABKqhjlnoK0DD8dJ60m6WmzG5FK__rdDrGhrJM40+launchtime:1680307557681+placelauncherurl:https%3A%2F%2Fassetgame.roblox.com%2Fgame%2FPlaceLauncher.ashx%3Frequest%3DRequestGameJob%26browserTrackerId%3D167653405506%26placeId%3D168556275%26gameId%3D40901702-8caf-4286-87f9-d6c813766abf%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D0f1c5741-4ee5-4b07-b1ba-2dee5ac07180%26joinAttemptOrigin%3DServerListJoin+browsertrackerid:167653405506+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
2⤵
- Checks computer location settings
- Executes dropped EXE
- Checks whether UAC is enabled
- Modifies Internet Explorer settings
- Modifies registry class
PID:1912

C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerLauncher.exe
"C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerLauncher.exe" --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://upload.crashes.rbxinfra.com/post --annotation=RobloxChannel=zflag --annotation=RobloxGitHash=b30562552e929b28b3892128001fd4fb6e2722a8 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x718,0x71c,0x720,0x690,0x728,0x101b480,0x101b490,0x101b4a0
3⤵
- Executes dropped EXE
PID:1952

C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-be30b823d3fc46a0\RobloxPlayerBeta.exe" --app -t wSH5TyYhFhF93N8rY8R9p7DO6aK2QRzSGoUZrrN66lv7iJkQPQN6Zdx0q5PYG73Nyajuy_T96NCWgXnGZUe4htq-XAJXFq_WlgOOHWTa09TFa0kRAXNciUPqZQ_uKHtWeqacTFfipwteS32u8US-g1LW8C9YguVx4Ce1suWRc7NQ7rp1zlMlsshxhoobxpOgU14ABKqhjlnoK0DD8dJ60m6WmzG5FK__rdDrGhrJM40 -j https://assetgame.roblox.com/game/PlaceLauncher.ashx?request=RequestGameJob&browserTrackerId=167653405506&placeId=168556275&gameId=40901702-8caf-4286-87f9-d6c813766abf&isPlayTogetherGame=false&joinAttemptId=0f1c5741-4ee5-4b07-b1ba-2dee5ac07180&joinAttemptOrigin=ServerListJoin -b 167653405506 --launchtime=1680307557681 --rloc en_us --gloc en_us -channel zflag
3⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5360

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=1064 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:228

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5396 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5992

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4624 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6284 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5796

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=2456 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5716 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5240

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5548 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3660

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6300 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3172

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6260 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6652 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:3764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6796 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
- Modifies registry class
PID:5468

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6348 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:4960

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=3372 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5816

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6192 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5652

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=3352 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4988 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5256

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7000 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:424

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=6964 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7100 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:5680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6380 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:6012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7248 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:2664

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=6196 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:4052

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7216 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3140

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7176 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:6024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7144 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6020

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=5104 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5956

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7348 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:6024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5268 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:3084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7224 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:4216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=7128 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1864

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=7756 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5528

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=7888 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8176 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:2044

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=8460 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1720

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8292 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5440

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=8148 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5048

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=8096 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1352

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9264 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3824

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=8832 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5056

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=8852 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=8820 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:2028

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=8276 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=4560 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9636 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6952

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=4552 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7064

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=9680 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7056

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=6900 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7048

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=3948 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7040

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=9716 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7032

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=6692 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=10012 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6472

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=10632 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3960

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=6764 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5424

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=10760 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10496 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5356

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=10908 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=11084 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6088

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=11212 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6756

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=11052 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:4432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=11532 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6584

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=3388 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5556

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=11772 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7248

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=11920 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=12052 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7396

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=12232 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=12256 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7564

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=9344 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7648

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=8844 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=12448 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7852

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=9036 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=9696 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6192

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=9760 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=10200 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7948

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=9076 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7788

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=11676 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:2740

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=11880 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:8184

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=11800 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:8164

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=11824 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:8160

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=12072 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:8156

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=12068 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:8144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=11440 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:508

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=12084 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7212

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=10264 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=13156 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6660

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=9600 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=11512 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7872

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=11220 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3824

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=11488 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:3408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=12440 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=12696 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=12552 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7852

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=5064 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:5532

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=11476 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7428

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=11004 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6308

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=12580 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6820

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=4976 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=5000 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6512

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=12552 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6796 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:6692

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11068 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:8
2⤵
PID:7280

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=9308 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:1144

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=12128 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:7588

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=3184 --field-trial-handle=1832,i,15892841414519517217,10823768196467887618,131072 /prefetch:1
2⤵
PID:6700

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3816

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x32c 0x300
1⤵
PID:6004

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:2600

C:\Windows\System32\GameBarPresenceWriter.exe
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
1⤵
PID:1876

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:5408

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Drops desktop.ini file(s)
- Checks processor information in registry
- Modifies registry class
PID:3976

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:4740

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:760

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:5248

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:4968

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:4440

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:6704

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:6568

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:4348

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:6752

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:6800

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:6768

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:5140

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:4788

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:7128

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:5688

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:4788

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:4580

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:1836

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup -s GraphicsPerfSvc
1⤵
- Checks processor information in registry
- Modifies data under HKEY_USERS
PID:7248

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:6692

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
1⤵
- Checks processor information in registry
- Modifies registry class
PID:6084

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials in Files

T1081

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Web Service

T1102

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Roblox\Versions\RobloxStudioLauncherBeta.exe
Filesize
2.0MB

MD5
2c3024c6aec09f36db69877db35f8e4b

SHA1
b582af99bd6ba14ae8fd28bc1cbbaec7b4df393d

SHA256
ee27f9cd887945d699f4a3f406e59c49076f38cef50976821d6439c0ab356a7e

SHA512
f2741ada8dea5939075baf3da61462ccd9430c005eb07f3354abd2f686ce83603f401655adb9e990d45808404c3b48d891f7d04e00766bf2904cd12a60a1e23a

Download Submit
C:\Users\Admin\AppData\LocalLow\rbxcsettings.rbx
Filesize
254B

MD5
d46dde56b56a035c644aa56c2eb6af34

SHA1
a9124dacfac833c35eda2a67f572ca4c0520ce38

SHA256
7f21c6969e6c8261e78f5491c7c40160571f6f797aefe579104292ffc83c2cad

SHA512
e986846bb41e3375f079a417ddabfd7848d604cb0adb63609298a3e7e0c8e987e9ca176452c03f7408af8959902157bcb18f93580a4c9a7520f1f52fab48f2b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
Filesize
48KB

MD5
10b1102baf964d75a0ce7676ee85dbb7

SHA1
b1e6c78b08ae79f5aa021fdecd5ab04fc04c2995

SHA256
a908f0b83b50291bba322fa1d67afa9c1217c0d544d93b29fd6ecd9c394b4f95

SHA512
cfcfd7da69e1648ca1ccc86365a2977bb21ecb9aeb173a3bb95bb39adab64bc88694d2377e9dec76563cc2277ad8292be9d43b706d4dbdc1a2a23f76cfc1fb3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
Filesize
37KB

MD5
47ae9b25af86702d77c7895ac6f6b57c

SHA1
f56f78729b99247a975620a1103cac3ee9f313a5

SHA256
9bde79a1b0866f68d6baa43f920e971b5feb35a8e0af7ffadc114366f8538224

SHA512
72b5296e3dd1c5b4c42d8c3e4a56693819779167b9f02bc2d5f5a626b519a9cf10bee59846d614c929c42094b65d13039f6024f6cb1c023e740969aaefd060c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f
Filesize
42KB

MD5
c2681bc0c933bc8b05181356604b7d6c

SHA1
42fc31a19dc3a9a20b760bcc7e6072152465d6aa

SHA256
d214e5e1eaca61e9fd2fabe4c7ab79de36bf322138e3971a17f5f5fb9bbd5a67

SHA512
a82c8847126c8ed4795f21612745a5c5225cefcfb8696e74f7d7c773c558cadb68ad7dba4de8d9e1de55d6592e956c590d590e74076a60cc9339c5e66d7d20de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010
Filesize
42KB

MD5
07c9db325534c6ca53596f5031c81dce

SHA1
391f7e3c06683ed34c0e1c581d71d8f566524980

SHA256
59c1e0cc47656932b5a9371c73825c8486923a70155199c7b1bc3fce2858a235

SHA512
389cc8fb07c9bb639e9809800b085eebb098663513027cc76ac8790002fe40d7246e1e2a25431f750e27a2c5a84a4ca5e6b403aea756115de69fc48ccce27a3e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
Filesize
96KB

MD5
2639291d875ba670fc8de04562d06173

SHA1
4f98b16e777a0acaf7dfcd51ff9b8fcd555632d6

SHA256
ac405bc669127a8143f60e44d5c94eb2eb1baf5b55b7417e0474892f4d70cc3b

SHA512
5dbd57fbbb7fa0b98a7d0f0929ea93370d7bab142f5e95defc69c0d039d4db4c6f59f6d4bbcd3fd99c215ac23640144fcf05e2a46be6f0945a89173791ff64b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
Filesize
20KB

MD5
740d5efbbe21e49b08e78a63a4f47b00

SHA1
b28bf093b8030c9f37c94f7b2c17e4451312a031

SHA256
65c20a747dc3cd63e7f2fc629aeb1258e4b2828e9b85eb85f70ce500c8f137b4

SHA512
005b8fa6cca8720bbbfd67b176f031d7dde7475503eaa9017a72d234724e146257ae16b7f9ba73a43a7bfd51f09b43fcd0e08db9654027686109689502840073

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
Filesize
23KB

MD5
e4b0d20f483b4c24ecffd4678479e3ae

SHA1
f0f3175f2c92922d123eac1e3a4c5bc8f6091b49

SHA256
ab25f94f51f31d69f3a7ff1959eafe9ddf3fad8e983fa216c91795bae573e13a

SHA512
54dda1d96956961788768dd0d5cb0ef9f660898b3b4fd1f6c02d5b092fe3629cb38f478e5e2fa5b074963616e63a235593a2de9e3fb420b502b40ded7430a715

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015
Filesize
24KB

MD5
0a0ddfb05a4ba9eb584bde69886d80d3

SHA1
65769a7f025e7cd004a6b8fb4b185f297ab2006e

SHA256
c3d5f8e609d7a02e1030b48e6f2bc8370f884566fb4436af0046b6759e818daa

SHA512
0b704331d2da398521155c7ced17b0ba7aff8ab54434b1c29d0464895fb9e02863f4c2cae0f94501f40de6fc21ae30fcef9106d1a987f84f173fd1eac6afcadb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017
Filesize
29KB

MD5
9b5ef1b7cf19dbdc075f6929ee5b0898

SHA1
51411b7d1982526e2e41081b41a2304170c76d20

SHA256
6848ca275152cb21d5f7f9ef6f617fb5ffb3b1cb6431723b905a2463aac6dec5

SHA512
0fa09f07ae2e213174663621546c8645082e95844d613e42c35e97edc839d3ff6dd5cf630a17c5827900fcd034a85ee20cca1fabf14fd1071730cdabb1085cf1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018
Filesize
16KB

MD5
9416371b9618c4ddc6c04ed4ac5b18dc

SHA1
a98d84631fc732eb0187cba3d6673b42bc1a5911

SHA256
5ea6d2c931999db595bb1b1b51aacf0f9ce008762fc5c4bdbd07278e881504aa

SHA512
ac93d4acd658d229caea28631740996595c542e487234b33a4ab85bb04b5a14a2e44ea9d152f362518294e07253581a6e7205945f024cc87bfd5dfaf4f887754

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019
Filesize
20KB

MD5
efd99f6b50b61e6bc88ab81db271f5dc

SHA1
13a91d8c6aae48306779d950cd3da773bac54a04

SHA256
3eb3416904e2d4354a4760874b015d4b7ad0f4f231889eb2e80a7c2ba79c22b9

SHA512
3532987383c85b0cb80ada4314a3fd155cfb78d23470aa7ea43c40342d48982bb8b3824b65c05fe496662e433ce65598cc902cc9e51d6a32802709683221e160

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a
Filesize
26KB

MD5
7b6f20dc3aeed86069e87bc52d676381

SHA1
a99a7e7f8cff8fb5517eba117cf536291fe512a2

SHA256
470818ad77973de0b0437639b63be86d476dea657c4654df24fd99d82842e1ee

SHA512
7158b68fc50f4ba83646b2e34c3d23a088cc3850a5549dada4282c28cfbb80f0cbb56ca09f5fd20b050060ae8a26900777d875af4fbd27c461513723b6e14384

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c
Filesize
59KB

MD5
7fd069146ea79b16633bc8b45f90482a

SHA1
98dfafac54f6f5db51e3baea698208833ed1b642

SHA256
a746ba588555b584fe98e42ac1a2dfbb92c2831b54c263f51fe91d124b9214d7

SHA512
c31822f497ebb35a5da455e77965f16a83e2007215ae88e64bc21019d8d45fff4671ab4300d9cf518bd2b652d071cc582fdfb99b4807c75e2022755e6c60a06c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d
Filesize
59KB

MD5
0e057524bdbc36de5063efb92c47fcd3

SHA1
ddcb5a7f336cbefd51ae00f5e46c613d83aa3a2e

SHA256
41f1c5be9e637cdc83b271ff2d441e541ff6531529d8ab97ec25167989bcfde8

SHA512
79b7165fb1ba74faaaea920466b93f5d8e15bd00635b22cfa0f9b757f3103bfb1d8ab6748ca68421f0b793cbd2f48305820c46fb7f774cf726723321b78dba00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e
Filesize
85KB

MD5
d4a9bb7e8de8f088750f8da0db9ddee2

SHA1
d66ee47dab71c9574724661c929edc45bee2f21a

SHA256
0e10069fab6bb3083dba1b56b844c6682e9092ddd9d7932f78aeb902c14a712c

SHA512
d351afa877d7abb9152631d5aa897718b9ad10a87bbada7852891a814ff95a6acc961f81641640ee061f7207df0742b5e5ed3d833fea0a1ffb5e0aa219686c70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f
Filesize
49KB

MD5
e8c855f3eaead9f83f3c65ff8cc0dab8

SHA1
00aa06805082d4defb2411f58c68b704731427c4

SHA256
8038a7dc2a60030e2f0ef93f6959d840615ba6f31d1030df34fb8d17b9e82ba5

SHA512
b5d79873488abc6073644f70e6061d2ed7a467eda711fd06c9f69068d1f9e2c04f5aa5adc8e360cf9b51f49747b7cf99acdbe4af71b5c5da86b876e63290c969

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020
Filesize
62KB

MD5
35ce7e7a6b67453488eefb7d51d1995a

SHA1
439e762440fb2a9a917dacd023499146670bd9e6

SHA256
dc9f1caf895b7cd6358d43d689cf8d17ee1c5a9b52e9dc3bfa61fe69f472e709

SHA512
f9bdd8f482d38568d84ee1d09d4f1d3d123ea09bd79bb85ff9961a520fd0bd8d3403e9a5fb8ab19f342d10e2b4a38e2a20e501ed07732ad297471a1d7ef3e19f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021
Filesize
100KB

MD5
1ca9f333e2215d937f9878662e6f7988

SHA1
45600c5ac85fc3f84c5e0bc6a449b75c2baa3493

SHA256
e0cfdbf5f6b8f2916cb60896f4b4dce66d3349b54c6d0ac212d84d0ff6e3bfc4

SHA512
4012009d6f770d917c3eb8a54435a9c5d02f8ba7d792a90e970119a64194a56210e9365d38d274ffb9bfe2a3fbbe235061901d1fd6c27ec010ae0dbd30f2a05a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
Filesize
65KB

MD5
c437d81d49d797a61ef576c3696ecfc5

SHA1
9db89df69a8fbc96a9725f14cc01ba605df1a35b

SHA256
576fed1095715ae89fbbeb5f477b60751e88dd868ec4845b2d86a6201fed7a0b

SHA512
500b9c694c159e7522940c6e17f9cdb2ce875d9686ab752844a6e7a5cb3d9baa53fa37cf4933f68d2e4527bc554d0bdd4d508c9e36b0c0cb6546ed624b79a5a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027
Filesize
49KB

MD5
9e8361c00c4bc8c9c051dee5bfa339d2

SHA1
d36a51791035bf241d03661e2bbb0d13c837ef36

SHA256
e4d3dbd48148b13bf0c8c90a2319c3fafa42d4abaa9c89fcabb3585d986234f4

SHA512
3bd193a1ce0ac4f243ebf877d95e9bcb8aa287c46aa3737c85b80c0995de1ddd385d4b138718055a216f5949f0bcfe33e33e649c0982db6e8c56fcaa6b242d33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041
Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000046
Filesize
22KB

MD5
4793249b6bd408be93f6d31db4a2724e

SHA1
a587843c35b7da59d26848de967a12cf5b45d4b7

SHA256
1c8237ae885fd203ee3966d52df607988e5b28d6ab93824477217e45a697d819

SHA512
d5a31a3bcb6197c7bdcd57f4ae2ea5492ea3d0cddd8da54d902f5b8918de9078641f8ddb07fe824fa0cba0257453d2d0593ef6521185ea036d56b3f8c04cd5d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d9
Filesize
22KB

MD5
a34c77847d7a957a99edaf10a7deaccd

SHA1
1619cedec658842283a7a474adba2efdcb0d3598

SHA256
ebee5d0011bcd484c4e7067822a1bcac208a0d03a33fced5c6a222666df67350

SHA512
afe20d031816081eba10587141518fbce91ed5f3b44fa002a593f784603d4b2007c89713cd6d9ef3eee3ecb8b53a57ecd078826ba0fcc5d02f2b7de814dd1b7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000dc
Filesize
1.6MB

MD5
6b1275d40a481add93c024cee90ca5c1

SHA1
5393a6451876fd627b43f451a5767c11b38ffe84

SHA256
409a5e4ed7ad0a59238727004b97f28657620bf01d1e400d0b28dacec50a777e

SHA512
fa06b79912a9be3888eed4b1d8ef9427918f64dec0ea40333e9baab12d8f807c6874a23ff4c86099e44d7c41cdd20a1a7e8cd34d71728f6b0ca6c1ac6520958f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe
Filesize
45KB

MD5
c2cbb38ef5d99970f0f57a980c56c52d

SHA1
96cff3fd944c87a9abfd54fa36c43a6d48dac9cc

SHA256
85369a1cf6e7ff57fe2587323c440ed24488b5ed26d82ba0cd52c86c42eec4a7

SHA512
50371320c29f0a682b9ae3703ef16c08f5c036e84d5056e658f5d9be7607e852adf72c13bf2d0b63fc492f5c26d330bdeb2ba38bfd8b0d4567f0cc6b0c0f7bd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000117
Filesize
22KB

MD5
47edefe61b20751d8a4627be8bc0497a

SHA1
eea6ffd2e1f1b6e87fbbab83f5b2fd5cc81b79ba

SHA256
6bcaa27876393730459362c0f92a79075ee80c40d33d6353eca96aa63f5ebfef

SHA512
f011bed709b4be284a21ffbb4f9e294aa394492176d06c5d1cd95a67e9e43e88dc35382148dce01814a73cf295af54ddc647dde2d566f2aad675a4a4e8fb2cf0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000118
Filesize
22KB

MD5
bf9a884881121eefa078e482f9fcdb11

SHA1
1b0bcf150787d50717bfb1c6e6d6e418fe785e28

SHA256
5d7a8dd4ee7e2b05004cf599a1a2ba648c218682a87faa6cd98d6d25e9b5f365

SHA512
672bc2affdaf53be3c66b53fb3f325f9fc583344be4815643b89e455c48a973b3e8378dcd235a24ccfdacc59408913de4951b68bf458be890959fbed8a90fc58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000128
Filesize
60KB

MD5
fe582f726641abe77e5c15279877f9fd

SHA1
8fbfe0daddb368d4596cd343fac82f24a69d4d14

SHA256
7bb866c2e4804afab131efec3092585d12ae2d1080a02c3c6ece35eb8fa97eeb

SHA512
a67084c8a1e9de2282a9aec2f1e76e0eb464390f05fe4833bf4ee155a6bfedaa68e27812272a92a14841a25fe363bdcf6a76dd7d4e8fa86060ef6c24386e32b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000129
Filesize
28KB

MD5
27017ec9b5920cd206d47ba3c2e9a236

SHA1
3888d752d4cebe025cc69cce9edfb9f01227ee3b

SHA256
2c58d1a8ec4a54c2dafe3a921e004f974aad0f9e8bbed0e29ca8ecd56c827ccb

SHA512
0d75575ec4572566fc8e42f33304c38f1355efd656c6cf97045c39d86f9784b05cdea6d602fd5551d15ceb800b63887a10c6da6a27c6df0bfe3b8670ae578b62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00012c
Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00014a
Filesize
77KB

MD5
56da15ea4afa6de8a24aa64026549065

SHA1
f051ef2a74f38abf79560b761a27f1afa6b2b9e7

SHA256
3f1dc79479c7547eebaa2acf7852d613f952944882888ba9450bb477941519a8

SHA512
953f13a1d1a1763fc7a378a3383391f9056e342aa2f2ffcfb9401adf938f8767572fead82873e2c96f75ff514c1698a3fbc2bf82c6cacd9d7c43207fa33a5975

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016b
Filesize
36KB

MD5
c62d195e9c05d1097498bbde6f09ec55

SHA1
3991c0d18cc3e991774dc41386f1a9019c6fe737

SHA256
2d6d0e1ca8adfe821280d1aeae90ae7e30c794bdeae72970a7da93b8946cb02a

SHA512
910a43ac02512d9f0012bba38af010acc544e98198522471e1381d3ec2636c1264b0179dc9f0897237db2ad81998c1e104b433efbd5516abd4496970d848943e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00016e
Filesize
162KB

MD5
4043af37a3392a9db521ff9ab62d9608

SHA1
83828688e7a2259ed2f77345851a16122383b422

SHA256
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321

SHA512
97a9d37ec02796cbca922559f384e1632c249d9955022578c14e046f2bfd9f84db113cf55899cfcf63fd318fbee050f483d04ae3156220ff2f0d364f989e680a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000173
Filesize
48KB

MD5
1e7768364a8db1e88535d1ca1ee9cd6b

SHA1
90d26fec8305c95cc5f6fa4b2398456d88627570

SHA256
eb24872de47889683879df871844b6468d59bb8126f106189b44bbe305853a0a

SHA512
a47fa27c6b7fe18bb7e82ce09f30d3cebc32a8cd63da4ca822ceeb1ac90569bf64e66632367673c1da9e3983c330f26a6edd7696e5e6e1814cfedef017d0fa19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000175
Filesize
27KB

MD5
53b5e785dfdca21fa7adf7119fa1f8cc

SHA1
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8

SHA256
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

SHA512
615020bbdcaec3b8e7fb0fd2b8c5cdaf3c4013c9323b6884fdaed5151788e213260c01c7ccd766898ee91612ab6163150167f9cc7109700b571b546e39f7cb41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000176
Filesize
43KB

MD5
565ce506190ad3af920b40baf1794cec

SHA1
ad3cba5d06100e09449a864d3b5e58403b478b3d

SHA256
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

SHA512
d18b76a6a173679e0e4f38f75229523fdd3601dfcf632bec2501f7004f842cd5dc4ae899dcd50cd0bfb2f298720732162f5ebcc21d41a8694c1df775a6ebb0f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2a471328e42cf592_0
Filesize
321B

MD5
faf853ab1eb04aeaa2bffbc4dd9ba5e3

SHA1
7623938f345c6200910311cfb8657f58a1e1c43b

SHA256
16a81d122a29892abc699efb83ac5f7b2398fbe47d79ecd4bec1b5d49eb77093

SHA512
de7be71d3b3463b14a564a482f529205b5b86e380e0dda58436c579ca8ced4fb2cb511ebf48814b98943a838c7e644138033da8aa5d218a95c052db9d6560f15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc71eb651f8801d5_0
Filesize
46KB

MD5
2e465892f482ff5811a3ea3984cd5803

SHA1
b5dd65afad8442c3597f1de9313921ef2351b242

SHA256
beb67356924ebd062a513f86324c714020fad190861abc4f929269ec287e9382

SHA512
1f1b86cdbca66a70d30a9094aea2a07365b1d07eaae028fb03143077010ea8e55a479a4b31f72dd092fa1233a80cd4cbd87ff0e5d7c46da8c1c44a7b7be57493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
6KB

MD5
1dea91ba5424db03a2ef79f430a6189f

SHA1
e9f26cca565e157d25067b42617b40c18a19979c

SHA256
75b609b50233013bff603d090b6c0eeea713e4d7ab7dc237059318b465a682ad

SHA512
861e0d21d31ad8505bf534ae2683fd52456714767c64c840d6fec44ae0b5b81b4c42a80325f9b8c1a64805c52fec2b51df27d627ff37eec68cba46327992e870

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
5KB

MD5
0be80429445b640fee3f902a76318bf2

SHA1
78a336ccaaf6f6563ff98b24f03abf9342290099

SHA256
bf5c51db55cc48693d53443469ce6b724f8e26256371d4533c1b4843be26b498

SHA512
761089892356b1c7f06b1e235f78fdbd42bee3d6dbeb892a7ec4062cd11cc501f305f14b1c4c31b068af1a4ec930413fceb7bac604e9b745156f4d4929aa4669

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
6KB

MD5
70c46daa47432becddc3cd6f5b63d80a

SHA1
19de58e827b4e7c20f6d125341bf3922375ef21f

SHA256
c940a9fa1635920653fd59a48ca74884dad95fb7dd0dcabe09c29aeeb6c97601

SHA512
b38abed9e8f758579e12721a91c99ae2edd519627cdd03675be68470c7bf5240bbbe1c86d131947182fa3b1c0911c0aa0cd010042b32f92caabb94216d26580d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
6KB

MD5
ba5dc01de8fcfbb562d40558e5f160fa

SHA1
61261407881d489aeb5413049ef8700552d89c56

SHA256
3539c069833dedf7f6354fe53b1331fc7c03a85476d92f0559aa0b74dc03e029

SHA512
39fd987ed46018c71ca428fa32446c6aaf4d70d484ff8a07fd5b6236c1983e742fa1e935c97acd16add9aae9396d81429b7b9ce53a80c9185627c8b118349ec1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
7KB

MD5
afc9c8b4e1c93e23d8149c6e49b6aafe

SHA1
a5b8811b6f52b965c93e1c687255f1c8d4654950

SHA256
97a3666a7c588f905597c150b82544f7af801409bee85475e78f932834365186

SHA512
8860c35fb8a335157c7f3dd79b25ee8070c2466e24c87c8d363d1e754be6306f97cbf5214541d25ba27fd5fc53400f630f5d3d5d3b0dddabe5c77b169353b589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
6KB

MD5
c917e98eaaf8f8d079bfaa3a1e5c25b5

SHA1
4ec35d90d859778b1803ddd4a2d0002b4a56b047

SHA256
1ebe95c5017e01ed2f97839cf07ae47805761935bced06dce70a8e870007238b

SHA512
1e959d4285cb70e08ebcbb5d6637e673b7dbfa30a8c3a64cc3ad95fef653548f9517a0f2a744199ed41cf0bc75be935ec82182818c6ee0cbb87106cd2fabe868

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
6KB

MD5
72abca48d7bc31ce8ea5450b7b3fb980

SHA1
90e329ab67f669892419b2bbaede33d845403839

SHA256
cd742b8171fb128111bb708685071a107fed95a61ac4bfde701f03b615490c87

SHA512
6bd7ae0ff8721a8d0ee60d51fd7eda0ea1b8fa6b5e6acc51dbf3ced3c3c21140f4571df247babc928821bbc0cbe0858e7decbc0ec3da5f52524416f8ea9c466e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
5KB

MD5
e62dbb80d1baf713f9ae4408d6943d3b

SHA1
dc8f6e3176839f9c24d22e82e832e425713940dd

SHA256
0733da5ef46f57ccf6c839d626103113f928edfcc9018d5b4451a2882bed32a1

SHA512
dc774c5df35ce541e40135d8eaa553e6db856c6ea8177833fb9fb9c36108006f0e30c0e25a74d10c8e7bdda37524c6b2f9b0b3bbb390b2166b6583e20e46ff8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
2KB

MD5
a3d235724cfc93c1e9e5fd87fafe617f

SHA1
0cc1f544c74b15fb290b732ea6724dc5d6419b32

SHA256
ad001ce22fb66f1be4323244ffb36a7e8957452a3b5309802594bd52122a985b

SHA512
78af56ce04d10da7b3432210557b435e77aa18351cf89bfb8c18afbf2ea14a5547dee175186b75e33f5b5e7732b58d8a8c3f2a40edea3d22a928fe32cf4f9813

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
2KB

MD5
a3ec68e0ce71fede7c02496f1b29bfe4

SHA1
7251f0ee62167ad6c3c651d8305bd1ef7d106353

SHA256
bb1c018bf1474358e0d3be01bd5310c942588174663a1cb77f60fe1280038770

SHA512
957da8adee7919bcf2c10b973fa736d5ca9afa3ece37da40dc95b7882c90c497c3105a059a17c3d0814e31c440fc8008cbcfc2914ac2273ce23481b52f4e7db7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
8KB

MD5
0b4718c5a1de24273b2521429d56ef72

SHA1
b5cda1626fecff08998c47dbb0ea830cc50bba84

SHA256
033fa6f5c9922bf25f26930576165f78ac831f859edd4aa779d8dcd4de795f32

SHA512
05c0fd6f1592bd8e3233d2a2929c10bee7b4bf9ea62840f2121008000bf9fdd7207bebe796d0a494056ede002e1560707af4228e68b8425548cc62a3b5e587f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\8a226db8-fab6-4bbb-9185-82374a15faf7.tmp
Filesize
2KB

MD5
fc9b25ae6d6abc546a40fc2e7f6cb043

SHA1
4ef9ada9129cb13ab8ad85790b21219d387f35e6

SHA256
856ee481bbc9383c89587b869ed1f5bccf1551a670d0244712e0e5388ef925c9

SHA512
b9a3a80b8591942a189cf65de7a427061ad6ca01cc36ea8238fc4594557b038b7d27913a13f92cc1f4184174e63aacc2ffd0a010b7544b5026f4144caffdf5a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
28KB

MD5
fee9cb1a42c256b02fc0de2d1139c4c3

SHA1
6ab20b35732849b53ec76375371f68715da41c19

SHA256
277311a7cd6f9f277e9e26f6c1d997eebbe08f0f16b027320007c820a7149f18

SHA512
a14ca738e5de40378ea2d9d55b667423272a4fe343836e010cbd5ba370724f2f3d95dd4f0e5f7e6ca606859e1e92312392111bfee1cb720be3447a439cbadda8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
10KB

MD5
c27de02b35ff21023a4f612d3c976b78

SHA1
1006723f879ecc04187091fa61765816741b5fc3

SHA256
a6a3b7816c3ac800dad1dcc6253b5d7ac82c40d5231895180b3e7105aceb4cfc

SHA512
95403f12bd7ab6d2abaa425b5a96896322a85df1e45f6d68a246ce8ec4c1b007d8e599627f22a656085d9ae85b5a8241af9ca7108c403a9cb40f4ce7a316b312

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
12KB

MD5
2bd83f6b139fea11e8fe211127db7683

SHA1
f4a0e6dd032532c2cb9b2c611d4d8db498acbbf1

SHA256
67999ef279681f23a804ac1ed3ac5478baceb656cdc27fda524dae5c20fd1570

SHA512
eb0db3a02647943cee6abbaa00de0186a00d129eccf9415f03eaccdd8a03a97b911d5c73667f07b6385a5370564c6ce7fa740843f82272e7c9e50164326c97e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
12KB

MD5
635a5c678645e845e44bb0ed4a9cc1e5

SHA1
34fba19796bb62188e71ae3bd5989cb9c51d83a2

SHA256
07067871219cf4fcc81e89aeb1c7d51597f7cb25d05105996592698c862ef7f1

SHA512
c9ee7c7ae66a5544f17fe16a825d153b83ddf12ac05ea71911454b4a02682c9685ffec6434abc324b37be56d5b150e8ae2892e9d2d86518032d82f3bea0dc7a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
21KB

MD5
ae1d52725c1b7a350a216fc56945eea6

SHA1
af69ed16ca556c4ef8b6ef1dd97b9e266bc671f6

SHA256
cf90cb6832133eff01588116212d1336574c05629a2acf74d5340f2e617a17bf

SHA512
918e94df8eccccb79ad401f0d5a02470dfa2d589daa69bd696c7bd1f2d8c9f492a9f0d75e9ce5694751ed916fb0a8cf32e55aaaf3f1daee9582e5e8b2a08783d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
3KB

MD5
b44669a78fade3473d0107b29f3c6e68

SHA1
6919bcd5da05ff2e9c0153cfcbe1c171610355ca

SHA256
6561f5216114bee9946e834b64491d0469df26b1f04999e7cb5061241f972e91

SHA512
1442dd65f4d7fcbdb04007e7fc958f34a459573cc09694541696ec14c8c02b46712a624331a1d2c42b5ca6040c5be8883bf41b265db9121b8ad2c36bacdf7529

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
34a9bdea8045b354059bbbef855f901e

SHA1
9c4553576eb733d0b77c7dd8a7b313d17ddbdb02

SHA256
7ea7b8e59b5236f8cdc23d053d9334717b1790f69ddfc57b0d19ede52880c200

SHA512
6db619b958d172f061b607f3274d47ad86dd6123b78373d6fe4e61ef5650477649167fe1b45e7e0bce8b9fb5603f5c40ab8a1a7a8c2e57981980b29bf158ad77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
5KB

MD5
87986b9e281210b8fe4b71d92a3c31b4

SHA1
eafe1427fac7fc221c46a18b6a710bdf09f88a07

SHA256
c0ee1fb226aaac0dc02e53bdfe773bb8ef69150adf3d69777b0dc54e4de6fda3

SHA512
52e91189122c182f3dfe5f1a4ec776727e4e4d2f9f40ca8acd30ddbb48bf7fde9886618e500efcd8c2f2d3f1c420c7a3952645f4e58284a70b02e01bf68407cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
e64249975d3cd041590eda1e692c5e06

SHA1
d1e2935353a7f8f7b3b85b08f1533c60a2d43619

SHA256
3bd2dd4a6a71c63658ee929b43aebce4676705fc9d6e05d7aac0c90eb8556d8b

SHA512
54edcba7559413ad0cc161a8bfefc6f8ed6e92e59b4e84b798e606651a7a0b051d9944224f020c2e863a5865f228a8a771c5332f14719cc529302a2c9b267596

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
911ec60ce770ea6866e55a1417b5408e

SHA1
22cdc2fa3e756649cff5ba672b16afafac218699

SHA256
be3ee03df24994a90254ed592ff166f37478ce9ac25f1c033f8f2a2065f34c0e

SHA512
91d0084fb0d2ecf420afb8c99663dc8aec8af0d4abf2b0d0384f8be3c40f31a720a11cdac1a63afe3882f073a2834b6cdb6934d9ec88de499fbc4ff4903d9598

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
a5db13d7b94ea798c6cedff206a8abde

SHA1
732d4e4c96b667a07c48b5e550f29f92af491942

SHA256
26e1ff8472fd287554a452459f0e9dfd1f3428d85e7c14cdb2f0eed38ba9089b

SHA512
bbfc9a906d787fc6c390641b5d4cfa4327b76fd88c073b41ae88dea699bae105487df86a8716da8682a522e8a09490d598b13f62ce3cd2c10602e93c5dfa19c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
a8d02a972685c5c483c1684975b3d259

SHA1
d6698a9b6c2866e289abce661185864826f3a881

SHA256
0a2de8c0dc25eab081cab7664682159a43781e7f0567caee9f744f8129613dca

SHA512
1550d0724519cc1b3a7decc09c3c2991ca0178bb8d9c105a683ea130502c87c2ce44804a398f82ee8eeae47dfd53b519bb3845962b7f786905b4c649a03733ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
b7d483d968bae3cfbbd3e33ddb86ee3c

SHA1
3865b8ea2bd800dcf0f018398073ac48c9c04b15

SHA256
a6b3886077d21585a1bebe3efee3ed08fd80a1e90e84630affca8e8e253fc4f8

SHA512
b093b5f012a0859b68c01a088dd31c41faf18e92a36fb4e4f4cdcc2c7f90b22658bdd6241f2055631dadae49b4f17ebc4bdfa46a220fc500dc0717ecad8ef922

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
3KB

MD5
f047ad11a1b01526145bee8439bc9330

SHA1
f2004ee811aba1a470360afad157af9a82f5f89d

SHA256
7de0a07f47f87b25c27c12d949106f72346f3e3948f8ade993acb4049cf3cee8

SHA512
8ad5e86f636465e69d17385c5fafcd0387fb72e0f539e0e86cdf151b4e1f4365b28c92c34d03c6b8a8c6a1e4c1e69ff8be34343faff2251242d585e3b168d336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
3KB

MD5
ca1b0e67acfe420f4f7f820233c5c16b

SHA1
8a035a8e68705321f802339c0757422c7c4a3dde

SHA256
1b1a77dcc1ffeaad4141a7f501bbb407d264d0b84a44d484ecd2f00e1c98435f

SHA512
0c0974ceb6939c575a45c68f96c479dbbdb305504f055515ef9eaa2e8dd2b29153243f70c7a83261995d2020c0a1a123d9cacb80ef24dc41115a22e7fd1e4291

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
6KB

MD5
dce36b99ec2bc4847a82f72835154b30

SHA1
43fa7d7954f89ce3d3e70ee252fa81cba61f94c4

SHA256
40458550830dc65b77be01585fad023b6d347fe154318f96af6031efef4a0ec9

SHA512
fbebe50a8bff208b2f444f4f060b6d7962a5465d26f44844c64bc02f9e5da25a6d663b2d0d806d10f77d615ee1f29406f15f600193348829f617d3228c1941c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
dce35b4f8e121e2a2514efbcfc3f080d

SHA1
dfecbcfa43c1897a65d557cd144368002f895b4a

SHA256
c3f784a5026c4801fe60811fc7931562affc33ac7b37f07a7b1b1a861ed09e47

SHA512
3aa71b4bf5e17e73ce05d1307e0bc6ee07ebb4a69a6fb6ef544b8d48d5f63813692a224bb24ec70309504862e91f3ba0033a3004ef2f09a9f1ab0f76ecb7cf06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
167dd6ad4c31ed3e6e01fc1e5c60d31b

SHA1
5aa3aadb5e6562be748bc9cee439c088528289e6

SHA256
55cc88ee6584c7262f3d3a235a8327c7307d00d3bded88d167d83eb758d92dd4

SHA512
3a9babc36d8667faeb7f8e32424c08228524af5666c070f12265d5c853d2809325b9d890013fc2701c3f39bf93b001ca9620981c395af4aaba45b8c8e12cd875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
08f61f5825051f55d41def5c8b3630b5

SHA1
81d602eba245d6dbc28630d61f100ea0d54b58b2

SHA256
f075ac8a902a842546f453e76f43cae6774e8128c2c167d291f31e5888e72694

SHA512
c2fe92d8c6f442d17e8bf3fd7181d36ac42d3b44d320e5e5a607106e09e9dc11b89bd3b309ff4a40df0d305546c3961a6fb67bd8bb6a6cf0c97d8f1765612960

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
82042d02e7d2dde52dfb28bc3aaa0a36

SHA1
1a5f2153fb604f865a622cd0ab4ec12b869edc39

SHA256
9474c852e495770f9a023f0ae343946163f1c3141909a232bb325681529da30c

SHA512
1e4b8264e03e1b21aa03dd3faa5972efcf07a349d5a6f8bb3b94173bf23cd45eccbd8d3d02f03581072023719a0ee861f128b02da0ab46ca385e3f4138f1f2a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
a54bef7b1e3074adbf11c1fed1eb3c79

SHA1
4afe14b3794b85e0461dffbe1145ca722ed1b82e

SHA256
61c010f3750aec674b99cf1b9df67d60cf708af82204c53dc3fe77ddf09187b5

SHA512
169e7bbfc173c8bdfd5bbce3763e4203415db4acd36ac96948bc1a77f752a2a36c683795ba4368d1c1473f2966b2654583d0460526096a8609a2458f5a2490d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
c316a02b519e2b4d52acbbd63c088055

SHA1
462d1ce48ac689f0caf6fb5c2937494fa6d78436

SHA256
ed1eae5fc4e4ab286e0f119cbb1fd6d4b3eeee2f44d084ec4be717613ca6488e

SHA512
d93e8a9a7ee2f5b154ec79978a7a5f29f6e4f312d99a0a871ff06d0ad73fec3b6b6b2e567f4144dc60d71a04bcf78161ebe21d5833e682d7432503583376f3de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
f043c8e291965061d599e15e503336cf

SHA1
7585c2a3fd163f44cb72fe9fd9832d1f0d297f16

SHA256
5a13f38aa1546bdebc2eab20c19e76146ee38f55fdd7522d2fe27cf4b22c4517

SHA512
573760eb440469bbc48d2bae26884b88919960a811e50f8c2be7ec78ad8294448fd7849a8605ed8fcd07243d76029e3cc3ca6809bfe6c6fd8ee6bdd7ae6b39c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
1485ace24e79cf1c49208edd495b1dad

SHA1
f98b8c9c34657c55a0be95720b70a0d48fa0e03f

SHA256
940560048928b1e8a35eced124233ae974f57bb6d84bb160a54a846573c574a5

SHA512
69856ce909ea27e0a6bda23e8c5b56cf1907e7791b8d2dcaf333b0fed7ef278f5c0a35df3ad08f8bbe175c81a0416fea2c8e3c1f7b1478b5a010a8deec8166e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
6KB

MD5
0472c15f12698bb87697abfe7acc6ee7

SHA1
dd83507df085125d55f3c1b746adfb487a4d20a6

SHA256
46c9cca1ecc5a809be0de6641454fd8ae3091e7a3d93f3c78afb3ea59dd23266

SHA512
76a694ddaf0e530faed7038b59bb302eb3b49a4a9115f21e826f65c88210d4ef51434c698ef992c17b251e78b90d1cfb988ac17285b54e30c1c7a52c51ed5c3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
674006de02d16bc26fc2d9c76fe5ce99

SHA1
c4293f1b6d3227f0b1abef59e8c77237f51c4a7f

SHA256
62204cfcbd0fed4d24239e87ad421e50561c8400cee40a9141541812ac4b61b9

SHA512
12d4b9373b992c2d4ca6e9d4bef48ef7866f225e9414d2f14bc43f4e2e5789c7dabd6610f7d4ee3834a5d744695369ec4dd9de41f9e0ff12936e6854c757e5ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
f247bc7bc5f5ffaa161d2f1c30230502

SHA1
8136cbe84d316c630fcba3215937f8ddaafd0e92

SHA256
356a09eac663b6c7b3098b855e11ded6933cc5087df1d2bcf4b340edffbeed9d

SHA512
c8fcbc1750b0154791419c21f658e18e25e85eebec0a11e2a00c188f93ad9cf1828433ed3aa6c11c9559420b79f1d2737d9a4d554e4777e065481b1dada9f3db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
a7437fd6078b22368532ae7dbe26bb36

SHA1
7e7e19850e81adc4afde028c64293d37d4907898

SHA256
ce1dd5a726db435a0ff9a8f17018de69ad04b59936f6cd30e4de1ac7947ca32c

SHA512
dab1188188c1b6c753c3f7bcff433960a8fef18b21d02c36b697e681d3cba8e993b0c5edba0e2fdf1db3c45820d7dc72cc8c30186a33b71c7fdaface70b2db58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
3KB

MD5
37474c7f07df441a204a3780dd944ca0

SHA1
af39118752fc2c2b329a4d8dd7d9ccb82f9a2a39

SHA256
de0ffc1cad1d230393358d8516b692040304c99fe3b7bb6b4185b9a050602cc4

SHA512
f6813d49d46c58dd55ab5f81592c960a624d438fe966efb118dabd2d44299da10288e90805da7353a4cd23080f8801c09fc25ff2a1da1dfc0fffab269b4ac6f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
bdda70857a2411b030e429093e0ecbea

SHA1
55fc086658967b02f071e36b0f804b4e6a14c7e7

SHA256
40610d86a112f187066d2236e94e8664bb9c1d2b67dda8290ad67cd60eea0521

SHA512
82d42165cb70c67113148d5bfafda666479f35663cb682d1e0942c731cfb5bf50d853b3f83ba27758df73d3068fc8883de2ad41ea7263bd5bbc8ff4162587831

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
7KB

MD5
f851acb32a376a9d4b6fda86bd94b8b0

SHA1
1894e808bfc405f34de89912f26ee83f5233e3f5

SHA256
91ac2543043d1daef8f15c536082a5e693d7806ba89d369137fe5e2bd477dfb7

SHA512
763689b1db977fb7dc000f8bddd30fa4c5a32c296a5bed2959c027fdda04d8935933c5dce075d6032f4980e51c7cc9e2d5d66dc822125eba1ce1cc6570a9d476

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
d1342d1520e59be98386641a5ce07f78

SHA1
cc6679cc2b441eed85ad8f73e5401c2875bf7f84

SHA256
e547d101f6da104f9d1b9f9ee7649bbe2bbed0ca1136d58b79867f9cd5991226

SHA512
4d6ab34eddfbacf472f3a8f1e840574ab23b08cf42c82588a1b0c2c6c6c87dc629bce0d2b8948828a6e2d41700c1386964b686a0bfd53a66cf7fcc73947ff482

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
7ca4b45df9805611a2033632978f0084

SHA1
8087e402f5b65d315d3e7b7faae1286c3dd55e7f

SHA256
a382c86d1fc961b678e1cc78c8222991e48a6785186eb25572df8c8b2194c389

SHA512
7fea17acbaeddcbf931c2ce1591f91b9f2aa8ec71871ffc041a79be0e88cd118e43877207000da07d11c58a29de72a848c71a925360b90aa5aeada87db69ed80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
3d1178221f9b89f34767e3afa4947d8b

SHA1
319f33ecb4f48c3f64757bd587a84e76ed1ce344

SHA256
f8a6a5ecea3a84fbf118db755d899b543d806163aa438815c2f3a822d46ff823

SHA512
ab3a7c72b89bd25c127bd2da2b05d18d41a28405e500654002b5ff09d7baa2257fa4776cf17c35a21a45ee8da98f2de72c91ed0dd9a49314d5e8d28219531774

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
2ecb10a1d876ab9b2223472f2e4250c8

SHA1
6083b7e17f26fc6af6f97487ab2ab495ed3239da

SHA256
00a56d2ee673a7f41e1c01fb1c46ce6e93eb8469026505d7773be7bd47234c95

SHA512
ede3a3b1dde085d91e3bfd179786c81bee623a0029a11f85fe90f98e6432ccbfafd6841a77b357743d09e0a9213eaf78f80402e56414534649bea53719d6edd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
8b120fbdcd994cb3440cdba2c9de86f3

SHA1
cb64eebd694c113efb317fe4e073634642342541

SHA256
a1ca733946e60cac6629cef2e4d305cf8c81c75e855fbc84f7f7f1b75065863f

SHA512
159945e83002fce3073a9fdb29028403ca0de66a286e5107293b53834c741c91c04c9eabcfc2be9305cccd228ea24e1d41d4f19254fd85e5b5854d1fad58e8b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
b9af2a23b14d962beab16d5fe0f9b51f

SHA1
12cddcc636f4eaaaeef3cfdf2e809d17f17e63c3

SHA256
dd58e44c2437f1032e386f6d8cba370315a487a4f596f3a323f1a758178217d5

SHA512
bbedfd40573aef64b48df882c90d999d7e0753827c980e6cf99f9407cb487847885c71358331fbbcd64c24932b54f4dedead62299be2a3e58e7377d715e6d80a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
c37158ba9ef5ea256a2816fd3d985ce0

SHA1
e3500ae73628826dbbeb6ceaf72b0f50e86da924

SHA256
46681d9a750d558afe3c20ee6d3ff662c9c6700dd165865679c994ef17abe424

SHA512
56a505e36c0baac135475fc1da1cdf6af5d91b8168c10ac50b674a428d37a9f820a414536faa474384afd64d366fbd2050d4c5840e21afdea22f0d4b5c9bd120

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
9d246a9b33e3cee9f99bfe8044e02f21

SHA1
89d561196c351e05ef32380622569dadecba46b0

SHA256
4152831304b4a04002b388b2cdb562ea59d33818fd7d0a3d8c710fc652c575d4

SHA512
a7550518a7d27c995259484e4a2f3872b498d20c3bd9629f61bcb267091d890985bc8d4ea140ddbc4777d1ffccf9916a888083a85b507aa17ca5eb29e9e475f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
3cb5083320a6dbdf54a6032ac1b3214a

SHA1
1069b802e75d020f8756c6066e520bf32102ad3f

SHA256
4b722cee099fac72c228f800fd53810b88c3a28231a620e50cd404a04f1e8165

SHA512
4dace2f39b16708f630ca637caf3d6dc74ef4d0621d9990fca597ea0cbd1c300908b5d33a05c5b7ac8122559e7b3780a7e6c48c1b12648b3ffae9bf2eb80ed0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
264931ed43111ce9ec5836c64dd2ef21

SHA1
945345e160664e7c5d9596420c3a8ffdfc46c2a4

SHA256
9f0dce1acd18c2da37041d004fe35d4884af1f5d614d4fec9c9c02d2caabe57d

SHA512
cd1fd93721b3783d03c444c63a77253b0f326059260ec9af5b4ee9cbbb43ec4a21e152df8ba5542dfc609ada7558e7408285bf3a25b44817e1ba5e79bfd5e98e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
df145180d7c0632aa180b1b63ea3f93b

SHA1
e5652ca8637963d59d20de8ca911eb0197e2627a

SHA256
2d66bf1397cc67bcfeb52e9d757a10b87d357308ecd3449caeefbcdd56595c43

SHA512
88b85982ffc84135ac5b3a80c4cccf5ff738fe0d6a726eac5fe2832ca90c50a4a486ee35474406eb7e9036f63556b4c9cf8a36a1a2482dcdc67c1e4a8b9b08e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
443789c2e6a35a623e4a5aa8f7c895f9

SHA1
182c9a800cfaf08712eeaea2066f798ca5097a45

SHA256
4bed72535a248567e045c4a2fa8bd6645858ab8210fecb1487104e550e8f368c

SHA512
03bc60f43f6a16f4c1110ea69cd81366ef605f77991c81ca66e92699f52b2654c4c1367adb18941a21b25a67a2f3d5e2ac77eb60c58826808100dea5f64a7746

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
717f3ded760acaa6330960b0b92638ed

SHA1
8d3424ec0251948ffb6c887fe558b66beca72646

SHA256
b43484c1c205bd9feded6a067c7e18ce489c9e07cfcc369dde545557cfd2f1f8

SHA512
c708640f86a21355c88e96e9ef2538993189299be68c01789791b24d6eb952f4940814d94f0ab0053508cd4cc19f05b7d8b1a2b5c58abdd3233f110cc671f70a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
1d6488ea3956a6df40abc5bf8e61e3c6

SHA1
6c313dacdda8edb2dfe25068598e3440af604c03

SHA256
b44a92c14398aa8504553baa954e541fb1c1cea1aaff484456bd3dc5da67bae3

SHA512
981435cc69c88c805e1165d086d1c2f98ace9695258960f21a2005c6f1be150571900b4e29f4d9307ac4c87cd01e7bb3a49e5f8b4f372a9035a8bb009e820013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
7cc649939e69a76aa68c243655b8e4d4

SHA1
cd422648164cd7e5335407e082d9fbf219c9068b

SHA256
3c2f50c8db95bf61348210de24472e2f46d861eae41b71eeff885b90b6321677

SHA512
9e459ff0e7e4cfdaea1fa021fc47920689178361fc74f09409ed6533d9877cf9f801afbfd6084fece6523911a5b14d1b70d5b18642ab9b0c7470cff5e730025a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
7aed26521ac0c1347e082ebcc5568432

SHA1
e73b8147b5fc412f570d1845cf6b4d65413168ea

SHA256
650a82f8f90686d49757fc969271331689c1cdb6b6edd0223aa3698dcbf612d6

SHA512
4e5c3e7d7678f9e912c8fb2c1e4318486d2c8595e2760d8d5aaff310d2573eb836cd3f7160a411918c0354e97adbe4d89e7eee9ad40b29fba84631c70ea63efe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
b558489c448c70a8f2568ac94ced2eb4

SHA1
ba37160cd1415685e363893677415fc860c0a7ac

SHA256
d169eca1571b7ec75ebfb8e0fd07412c256fca43258559103051f3094825024b

SHA512
8dec509a2a46adf2951588c0dc272d73d0c2afee0eeb62b4384fdebb94ff0b422d05a64c5235c853f8e295eb13cb7685d5f11672f0f2ef66c131c8eb935cc29d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
2073faac7136eab7bf788faa20013fc8

SHA1
660bfc3bc5aa4b005bfafeda36d27df68981da2b

SHA256
d606e2d6d099ac5746fc096345925b8834763c6e62a58ed993907594a097dfae

SHA512
b0e328aac953385440a9c0999729894f6cea7ff4b89a8f3c7a374ccceed07e1a51435e18a1dc5e4b3b20ce94ba2f1c2175c5427b2e8fe63329f5bd8ac3221074

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
36ba96af8e05f433efd9ca975e67901e

SHA1
756bb1fb3e4c9dfd6ca343e7a5325eb85e4539f3

SHA256
b6c2d5e3ba931bcb759cbdc813727b78330b8be35bdd19e79361531fbd18e789

SHA512
551b31cc53f3bc6c02a8e66c2df60f26836bfe6db60cf2622ffa4edae3f5eab59e278f1c6a1fca562846a467c8f357dfcc25d11289d3f23deee2f0db2a7fe512

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
f721a0849631f367c2d45c836ed823e1

SHA1
a2e89d8973884180ebeee2fab60af29018b3fe91

SHA256
15e23e3e38f481e413635dee324849ee03dad0a6fde9c4e78424a6245a3ec658

SHA512
53dfd84ab8e09799499604935e64d7a5d6bbd1c242f5f4f903c7b2408ca00e50c6b27257441e57566fc5563095dde21d21ed62bf9da4f8a910eb4e0cd7ad3bb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
4cc18bc070e54790635388122222afac

SHA1
b1811014dcfb635152483b242139302023e36565

SHA256
cefb4620f8bf9c30ef120fef9c31fd09a4c6205d244d58e331bc25151100988b

SHA512
97de35ddc7452c26854f001f6bb190c5a1faea85234ec49c92c3ae6147feac11858a305c9d5e4991cf3c3794c188ee8033c7415b8fe8cbdb585e595c3b0ee48a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
967072dac92b966e0efaf99e189b7e9a

SHA1
cd68a30854efc9a91ca507af0bae39696a987b0f

SHA256
29e322f72abff6fdf527cdb6d79d52a9d89d9d8a37d2708563bf6ac65dbd25ff

SHA512
edad20e9557555a34c2e1681196b3d193824d62aa528eff00cfaf28e25b70c5d2d627b53b1db4834a1cdaeed01e1e9ed174a1f433aa134c48114f03df67162ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
0b1dfef371de52d38ea497e6a6ef3c6f

SHA1
88d646a3b2827ec37e88d289d73ed4d407420620

SHA256
9e370c07fec97881dede240dc1dc733c415183e44e85392a5a8d778e08c9642e

SHA512
98fa87984075959dbd0e8cb0dca6bf93ffaef4d0040ffe042731970fa4dfc1622c2ec78618a19c8f84c268c85d036ae9e3fe5381538c2816f19908491c27ae44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
6KB

MD5
ad314631793bd09df0935bef40e806cf

SHA1
edfeba51b6a3282cbf7e46e727d53c34350b577c

SHA256
184c3c519fdae6fb84855e4deff92debec875dbb70d467b2a5d222892121b40c

SHA512
04437936f6e81e21646298dfb789d0be4fdcb4c09520df6d490abc841ca967890720a6c1f7c1fba03cd970c801abda9cae66fa4e12a15645a1a8e2089b71e23a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
c19e580cb2efaec42700255ca8a6dd40

SHA1
21fc169b25b4a915faf30d449e4327a756e9eaa4

SHA256
544b29db0a82ed52605c0f85027fdfbac56da429938d67479a98957557f2057f

SHA512
f70a321f91b15a620072977db97ae547251d4600429226a573ef625181c5dfb45a37b1ff90ffb4c657ee6ac8fd20a9d5aa5ee2c98537ae08e8e19ec059c7005a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
04de17bde8555329bda6f6ae7e9b04d9

SHA1
db0e25f1bccedadb05af581b83fc710066b9e1a2

SHA256
f5ba5df735845f2c19030e7f3812fedba9f3e6755cc389c07900b47fe37f4320

SHA512
ad58f1c6cda21d2108b656fffbda063ac779d0c4e092e32cd508232567e68411a78b3f05d759d6253e1250d684295c50dc77a6b3116c9664459d55841f57172f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
0c684661b5d0fa56e8be95f4f271718e

SHA1
ac5b4465a50496fd6c7be40bc546edbbb074ac6b

SHA256
ad029399d4d14554df5b401cd4551d56cdfe2d9ddfc68d94f8fbf4603e32759f

SHA512
372537ac313749fc17195b80c2abc0394c9ae472f346e5d2878fb9dd222846784b33e85dd7f24cfecc18cb855bc85721b1b063392ba0d7bd6ff16df8a27f1dba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
6543b569789399685728af805c18c941

SHA1
2d5eeb2057ec5736d1e856aad50c649cb291b082

SHA256
333f065295d916f0cc3c8f31d8c7a8c4c06f3f263c987c44f334b9862c238f71

SHA512
d014e967eb54127682984499b5dbeb119bbebbbe8fa63287c7079f8aff6fa02fce36dee26f652b2a2f7c89b56de5809d590abeffe1b64b694906b6d59f2c12a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
684c86059ec5a10c96004d49abf204bb

SHA1
ffcc21ab9706a0f3641a73cb14feb1f8e1363d7f

SHA256
c312a6ed15bac6ef69e4f4ce63efa584fa04f8a2700e990f7c093d419303f27c

SHA512
b7c7beafdcc5b9141ec11fed0f31966b472bbf8d5d0d3d4c07ad0c978330890114087f7deec603fbccca993ca2c717e65da3468c86c5ef9959eec1d4412c1655

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2ec804a95301e3c121a820dba138e006a79e5091\f188c90f-bc69-4dba-9b19-ba1f84e05864\index-dir\the-real-index
Filesize
96B

MD5
1adec781f1a0e384191ffe0ec43fd208

SHA1
79511fdb0305c43478a573e69eb0dea925012afd

SHA256
1993ac405d3111129d5c6612d5314b0861c7ba92e37a6667667ed672063ddb67

SHA512
3d0f9dd29b62957751155e870786e03ec636c94eddd8d1a20a0ea318a9dfc9e53bd68b5975853862b200ae0bd1e6567df4fd36321a2d1923a753d5b651f9eb89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2ec804a95301e3c121a820dba138e006a79e5091\f188c90f-bc69-4dba-9b19-ba1f84e05864\index-dir\the-real-index~RFe5b24bb.TMP
Filesize
48B

MD5
fefdb9ea45ae08113a090b78b227f2bf

SHA1
a419cade8ed843578af834f5e1568f79c636dd8c

SHA256
96ebe8bbf17179fd31bcb640aac267f5a3616350f5eb6d68c23b59ad8ce70b5a

SHA512
9f3bc3e4b109e590b981ff1548f62e6c1cd6513c2bb2510711437210c3921404e2615d7fee3298a447d6fef83cc3b210f23f936de78e623ba4d3c83d16db9bfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2ec804a95301e3c121a820dba138e006a79e5091\index.txt
Filesize
117B

MD5
cc8bbcb83031513cc14c902a38595f50

SHA1
f1997e77aac0254ab7e0216c2c4cefb268b7b855

SHA256
60af312fb95f863b21ea1dec896b6fff732e2cbd85a8ebbd2546f86831180809

SHA512
8aac9a036567343bdab2af7bbf570fde516839145dbc51bd9cc41defcb21c10e82528324c8afb6c6dbdab125b4c51b55f4a15f77a6014e3a4df717b3def22037

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\2ec804a95301e3c121a820dba138e006a79e5091\index.txt~RFe5b24da.TMP
Filesize
123B

MD5
02c2355a94cbaf6facdebb39a5697ecc

SHA1
5ec7d2c995c37ce53fb588e583e937281cb7f1d9

SHA256
c7d1dee4ec65ab72c23aa01f1345d490932c49bbe5fb6fe0adef80a7b4557505

SHA512
6a0d8bbf42a7bdb7fda62754ac9cf9fec2ea337b00b27374044f702a163c482f38b0995ba35649a498c17494f1d1953939cda339fbb1af6b36f45bed7501dd65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\66496dd2-1ecc-4514-84da-3261f44c8fc6\d5723baa59c92c1b_0
Filesize
2KB

MD5
e4ae1b05dea37f721c5bd6ffc3a3e67f

SHA1
4fff6f5e5563bb2a22ef049036b028f4b98b5e31

SHA256
b4de5908deb6d290cfce40cac462d970a7ccfbaffb9138beda4e971d24fb7bad

SHA512
168cf3a75731a58749b09571d8aea2ecd32580a2a8a53302104fa67ce3c6a5dd28ce1d1d829f1b58df82bf21e0c6876c33ff6e91e2ca809d3b48503a6f33c2bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\66496dd2-1ecc-4514-84da-3261f44c8fc6\index-dir\the-real-index
Filesize
624B

MD5
17499fd76f6498a251bc34b1261ed6d0

SHA1
637d1c7d9b933209ce1d57a96d3a757e707ba14c

SHA256
e0fee0e42865e1c2d334f53fde466f35c6f0adc530d170dd62354c51798a4abf

SHA512
1d9f50e457cb33aabf1fffbed94877934cf306b5491fd5d697b4d6d9eeda95b369120814bd4cc5f911a8fccdfbb99e9642ddb54d5d0ae7f1b3b6a45e50f12e28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\66496dd2-1ecc-4514-84da-3261f44c8fc6\index-dir\the-real-index~RFe5a7282.TMP
Filesize
48B

MD5
0f318391ab93ddf48d0e37224d18c686

SHA1
5a5a3137060d10ab6fd1bc1325d68753f8aa68ab

SHA256
ae0b19a966a2f8e86eb06216dc83d9b135154d2b34877f48379e39f06a507ab2

SHA512
0636e4a7756a0f732d356028fbb4a262f62000ba318378444a6845152550b65a6dcfeb3e1959f5231e4009c8c030229c5a72c9319072bd20799ddffbf425be72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\eab06320-9e0f-4b23-852b-b85bc0b19bc6\index
Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
189B

MD5
37a2e22bc4196d55d10dc0b4b79ab49d

SHA1
03f197d9675cbf241c72a1c2ce03e09c0a8f3cee

SHA256
301625f2ac194c404378f4b7817f6160418e49cc985db18fc754fa2551ce8c0f

SHA512
8b2f5f8a6dc7bcfb57fae2cbeb9cfd3ef6c6789b35e2d6218eb98af744a5a824add547d879176290dbd1fa963c9d31626419d6137fdabd14708fed3e6df414b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
125B

MD5
15a3347e6e3cfe34ddda62a2d12b3165

SHA1
d7f9aee85fe5016b569801767dfcfeb3894df354

SHA256
a89829ec940911dde24fc7f9bdc0496fc7df235c00fb4be7c7d67aef4e070597

SHA512
d09d1f01674e76c11e8a2ea79a61a649b57a24b0b777bd0066c14b6650b6b764791d75a13fd05b32896556d75c60dea5ae2118f692bfdd3460d9988512024654

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
Filesize
129B

MD5
19204de286b09bc00dc1525618a0cee9

SHA1
cf2d514f43436686a3a3bb1fd5e7454ff19acc38

SHA256
0eec851d92ca2bb5aa2ae06945cb818cc007fc1035f1bb6425b5fe648b85d7fa

SHA512
92e130bb188c361cfe5d29e6009816944ede352313c29f635412f1ff225f04552f6f9cfac00cd7359c4a9c85f5cfd4fa603dc78bb02c5f40478dc41a74c3bfe5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5a133b.TMP
Filesize
120B

MD5
cbbb24f68bbfb0f69a126a2ef4c44147

SHA1
e64d506f2d5b98ca62906f9b149a4573f3bc04eb

SHA256
a0062ce78f5e1b226b4b71b6b725662584d1273f42fec555305ad933649b09f5

SHA512
7e73b500716ee6fba35f7b4be65a6085eeb00be07c5db95d364edddf86c045a138367a54d50fa937de492334e67ece310a3494a347d7d9696ea3ab55643f71c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
Filesize
14KB

MD5
40aa1b815fd9a6d45a559a65616de97a

SHA1
d950b06c3eb2b481ef1e3c8ae951633a63157082

SHA256
dfb9c4a6b859e73064a3a01bc8d1ebb42ac0fc1c1117ae935a55d5d0788a1367

SHA512
5eccc8edbca8d9d7897bf5716c5d41a8ec65bc009efdc837487d64c5e78dc1c5122e2d56b6e97f710864cb07d5050ad8f1f1334e7b3ba57c62aa9a61951ebe69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
Filesize
7KB

MD5
d4fb0d1adcaa40132a2fcb8d7a41b55d

SHA1
953b92a0c2daf97d29d82950b00d7e61333eff65

SHA256
b02f9c0916c95e98dbdc27060837590421480852c8209ad903e681eaf7be00da

SHA512
9f3a249901b563402dd6a31ecdcad0faea2eb9e323919ab04647cf05edf2263e3a000d2555f29af5f14a0e307619d43c24117ab68c45325a97ed9ea16e65cac2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
Filesize
137KB

MD5
74498d192aceb1e7a40b22421052f3ae

SHA1
0c64b880ee438dd87ac288f43ff5280a62075669

SHA256
d390a3b71de4ca292bdcce153076edbc0547ae79ab8191494a2e38773f78663a

SHA512
3e956657bef5302d5f5c099b5a9836d39780a089a13927614dd42a7b8d0ba2048359d408da3d090a22044cab4730d0b1130e677ca7dddbcec0aa79fa82c50624

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1
Filesize
336KB

MD5
1ee97a7239d8fcd3522efec3798f1253

SHA1
19031ddcef79c5e07163e6248c1b53a42b002bc2

SHA256
af0bf4f3042701246f37f183ef8bc9197a02157a61c37bed601fa2b782c8b4d3

SHA512
3ec134096c51ac784eacfb1352a9374895af9c5149b186267dd4ed7a720d6c69331322cb26618dbf9b3bca2eb7f5128ba591a0990ca085f045f50916951cec2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize
96B

MD5
12d2951f47220bb1c62d9b611e4fa115

SHA1
6d8aeea8ca4845a56b705f41fc684a7db104a9ba

SHA256
a7733380d8db60989801233514d655c433bdedf7f7f5d443483b70c44513d0bf

SHA512
78c78a0da8088c61f1395f4b422a8d1e4303a6bdf612e73eb2d4a45f861f4d94284d5fca55c2c9ac7f7bdd066cc7cc772e59c73642400676f703788ac5ae4fa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize
120B

MD5
2e35f0a14f8c7dbd2e106852794bdd08

SHA1
e2e9ec24cc5156bb9a9641d3f734dcb35b793fb4

SHA256
a9179c8ccd5015c55afc1c0b219a3cbed9b308e5a3dc168cd6a2b48280c3725a

SHA512
a3f21fd5eb8c961c0708412d94f72705c79a79b97bce33fea3bd97c170a40dcc24b8a66f4a02b3a0ad4b99a52e3f118030228f9fb81d2856cc2a987bacb28151

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a636e.TMP
Filesize
48B

MD5
a9ed21e6be3148a52c18635c7f8397a3

SHA1
e082bc6fc0dfb1fb14b5100ec0f6ced302a9799d

SHA256
3a8bc019d7d26c4108121cb3bdc027988c215b5aef0bcac24099596fac9f727c

SHA512
4a0434babf0c70111a994f91c06698ae1c62bec0e85b20849894d5f84331a0b9c66ac1c33cd3ab16ac3fc6577e513928b1165dab1c96a30447c7d1afb9a370cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
9cd4c38443658acda6166ba7e5f6d4cf

SHA1
1872f7db3a6111a46b775141e4803ce597529bc7

SHA256
5ff337e11b855bbc44f5c01f1b69983cda26df5dbf8fc762f69b3c5633bb7bcf

SHA512
1103bbc3245daa3522622f0a2fb38368072b521f80f7b8c5e43b93e44fb84a5d3257da78762df8283be9db88ad9f81d193429e98d84749a92966dfa3dc644125

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
25989076b7bcd45cb9fcb8b9c86886d5

SHA1
732fb3bf42cc551e8d4822082536d9cc93ee5084

SHA256
6afb421aae70862912215bcfe70d672a3c5f84c4975b9b0f8409841ea00d81f4

SHA512
83b910ea9424a8eeff13835ca96ecc1751c9ad84016964436b4a471532513245d7e46dfd820174fe5334fdf476c66b2aae31b0886e17e7f21eb5663f608b7dff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
40a82e4e7c182a6b4c89a92c53c977b8

SHA1
aaf3512c38ede4258592dfbe6ffe1e533d59f558

SHA256
0c439a5608e6ba1c6e7a718096e433ac03bdaeb8c0c624e5272fba096b81836d

SHA512
384548176f551f4e1d95aed062ce0ed39d20a543d4cb0c1ce95a4d325821eed020765426c00ecbe784fcd38af250a699db1b4a93624312486fb29f1b02630834

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
8244eea99298197d7491ab6d5f4e5be6

SHA1
f54cbf349c180fe888372a19ed41ef623eb229d8

SHA256
28c1ca237de446777c3f4569b206d004173d23b7779a16bb2a3c7e00e66e7d93

SHA512
7db241a4771019fba27b2aa5bad7200e81692ce2433ed16d5facbeef87776e8c6737ac65845b0ae7114bf8afed3b496ad6b53fac938fd9ffd17165732284eb95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
d1fa8b1f3d22a436e5d777ffb989f032

SHA1
44adf8bf776e853544bbe5af71d6fcea15024617

SHA256
1a5388bd49cf889beb29fa0cd1c756266ff925ef3fb4e38192aede3459214221

SHA512
570c7c9060e7938660e5e42e61cfb80241b638a779dfbc3241b6981a345ed7bec14ff1e45b2757481a35095c8d1c68d26532e9222dde91cbed586353e994b55c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
4570b19a65427ece8ef471be194b769c

SHA1
27a809f87f26bcb660d3ef854b3d75b49bc33bad

SHA256
b0e3dac0f0da163c64ddf3e9da51e37b816e4be2d4aef95f41287b9799bcda5c

SHA512
d41a678b6a83a5819788137d5e07024dec6d099d02788988c270d611ec9936986114af18ff1ac98f3950a49af0ee3f3dd6d42f438f57e4bf894affc73d3d5a9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
6555c3f5b56560b69543278b3dd38c89

SHA1
3f748b1b48ffd250ce39a1aac404315a3700489e

SHA256
a33fbc5fd0ceec0641c9f08b8d11bd6b5a13fd57e0b9ff5f5de8e286c0f976db

SHA512
e33ce21ebba819acd2214ced39725700264ff8cfbb010763e365c769a72e2d21d93f159ebcff4fc845cdcd430cdfebb6f4f74688eae61502eabf7684f339447d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
3e3987fa34b4c32cdf5da9ea8995cd42

SHA1
ce2c2d0cc047da4ba3dc166b2b2c4b4913abe2f8

SHA256
75cc33349738fec93924851ef709f15b8060b33269a49fb673d5ebf8bd667f50

SHA512
261f9aaa0724902429e5ed2a16fce13843ec74582b0f89b54b9f1ca763b3b61dec2db0c3faf5dca8818e7c3b402abd14439543e1b7881b2a50e68a752550c79b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
3f2b128eb737b6da3e01e53cff1b74ba

SHA1
071a80967982e23a7c08bc236015d5a96f56b50d

SHA256
65258c0544f8cc34a49eb40f5ea7d83142f82c2c0422536dc96b126e544bd202

SHA512
a4ec6e17ca0ce688e5a9d25a179a600a9c466f55f45ca60f26332b310fd417061d8a274562a4587127d7a4c37f39ca868924e0e20759ea31b842f90e781e46dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
495f5651c5f01fb2334d10bbbd990acf

SHA1
0dd956049f15c3c02471096e3051ddf729b8fb24

SHA256
c5ab58bbfe6129a4cc88170d6271ecb07223eca46a408168dc873fc3aaae3fdc

SHA512
ab3ea219ad24ee69eedc984b2692e2c3616b0a2b6ea9796990a15eccfb1537fd4069f190576a8d2a1d6eba13d74bb8d183e3675fd49846817e173e36ffdbb8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
c54719e6c6acd17d4ffc63e471de7a7b

SHA1
a3c1bf9b879fbd6de4d85d2a8ed27ca447394833

SHA256
8fcaf9b310a9e91e3f4c3bec5ee7dcfb146da0d8d2f66b11b53c8ff94bcab90e

SHA512
b4449f312c44c630a891afd74a8f52d2cff6d6dbe248972a5f054421d08fc7defb94a831c667ef19bd0335ba48b0703fdc6864443864605e0aabd60c3eb18147

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
39081f37a0567e96f4ba1e9836d3aafb

SHA1
161c0f88afec0602d4b2c4a1da0aa27c1430ee3f

SHA256
22e50352f18dd9b5f5f668e36d71ff06c57838a1d026975aac94d49cce593164

SHA512
a3326a0f275134440968d068e399497a8cd0abe2f059ee1365032976039d052a6d9f336808299992f2e02ccf030acb4ca7d347f21b2b0d43aeb959be89fc535c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
4e2f2e2244d7e43bf85401dda0d847c7

SHA1
54f75a64ea475a9799a36a4c9c9f49a146c17d28

SHA256
969d5366c6754feebc3f33c5d9c6a7de0f869db0c9ae5cc0a48b6e88d9aeb1f0

SHA512
6fa29aa98277baf90602b90dafebf1ec4e3b6390af836a53234257f49f16b4c8ee0adc3e791013b0cf3c1694e80ec3ca6c38225a04e872e4a2603ff3f07d44e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
173KB

MD5
f0c410ebf0b9c20d50b2b66d4f4dd408

SHA1
503fac4227a4b372c457af6f5b56ae9872795171

SHA256
dd4f955f6f0c35cec1dfffc60ec758fd68a333ddf6e7285e5fa01ba9485093f7

SHA512
0e0fab99d291b23f8bde2e6bbf6cc54feaddc143e92605978b8d8feb07f28ebb88cdcc3109f8b1e32dd32351334c83b503121dd4e92565c4feafd2ed1946ff70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
117KB

MD5
c3b5e5a69d95a7dccb998df25fcb61fb

SHA1
abf189c499d91f69a2bb61af546c9a21a03a4eb8

SHA256
0bb4baff09fe78f50c664decc2a3191eb11a880a678d7caf0389a29bbbba21be

SHA512
e18ebce3866e6d3998d2d4563a58b20dcb603fcf3ca997d61ce07efed1c878ffb6a1571465ac4730517a3dd225fe17727068854e5728fe07b2de2a1b820e5e2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
120KB

MD5
cadb4f8cdb2e1c638c4e43ce16ed39d3

SHA1
4b712c43b26323f3e96df411b4b380233dbf636a

SHA256
5221f0cdcf77b2dc9de68188f2aa1115f71fa5a0a615dd4cf7df65598624e0ad

SHA512
7c54eb782128161c98e44695301d6d1ca3694fe0a2ba6aa29965be23b13a387ad68202b0798c85c4bb566e36d0580ade09e363c10d69960425cd16f95b802084

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
116KB

MD5
cfd427abe3add9753c5e6f1f337c93a4

SHA1
2254ffe04c50431cc682ea8b70919467fabea80f

SHA256
0dce4e42de75610d19ca1c79b36930db348045f902de84f428ed6bdab7478f90

SHA512
0238f9d983f2e1ecd76887a984fb8d5cef52f160b11c6673ae443db055aa70d86229ea99769912ef9b89aded853fc5b95224859041aa7edb234e27141597f529

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
101KB

MD5
cdd4dc9256f2d67c576c37053e42750a

SHA1
aef6354bfe3bfa19cfd2c233aed4d041e367aba0

SHA256
6146d7a06946b344e9974ff306242f5660beca8db6234029653f51d724548dd5

SHA512
45ee2db55bc7a8aea8a506419e3772cd6d9b9f6c0977b527b174050541cf7a3fa308cf4321bffa32882c23b3df584812eac8c6e09f34bafbc687bf0d0eb4efa9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
114KB

MD5
015f2ba81e51f956a0034f622c1ae8f3

SHA1
f175ce548e3cdb9a3592e9cb1879a005cb9f282b

SHA256
9625fa6007d06767f1a4d1d6f74b8288c37b0ee12789ee0213f91ca8b0e623a6

SHA512
1f64afbcd098eaa9558330c10eb1f3ccdd2dbbc5f63a5f9ce30a0ce07bd7f9946e26cc088636c77bb08a18e05b24148d2456c782ba017dee218c74df954f44a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe584d31.TMP
Filesize
98KB

MD5
5bebc641f590867038cf57b1b11759ce

SHA1
ba4a637482961aca1556b0d6fed0033ba1a3a431

SHA256
67e5c93e91eea18556c7997b99a6d02eb7c21284ddcfe6cf8ac5d40ab794f32f

SHA512
95c6a3a11959dcfd3d0333ffa07850f9f72c2daf46c8c4afa2d8c42d4332420456eb976267b3fd9da551104f14092ecd0e7b37511954256fbbd973a2278e144b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\5AN3FZ97\BatchIncrement[1].json
Filesize
163B

MD5
bedbf7d7d69748886e9b48f45c75fbbe

SHA1
aa0789d89bfbd44ca1bffe83851af95b6afb012c

SHA256
b4a55cfd050f4a62b1c4831ca0ab6ffadde1fe1c3f583917eade12f8c6726f61

SHA512
7dde268af9a2c678be8ec818ea4f12619ecc010cba39b4998d833602b42de505d36371393f33709c2eca788bc8c93634a4fd6bec29452098dbb2317f4c8847f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\LZ0AI98S\WindowsPlayer[1].json
Filesize
119B

MD5
8e7e1124df5cb13bde562332564be4a4

SHA1
37314dc17a1a5635581abbaedff6ab677469a334

SHA256
fca98f982f815aaa96f89bb30515e35e5dde746fcd175fe987d5d885d0a8b4b0

SHA512
2f16df7776ff2d8e3ec1288ecc9f333553e875c2040f83677a1ca0b6f0ad664b957a0a71001f11cd5721a13c1b0a38e1cce29239c772ced1b9ca689b474b1d8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\2504_1692224832\LICENSE
Filesize
473B

MD5
f6719687bed7403612eaed0b191eb4a9

SHA1
dd03919750e45507743bd089a659e8efcefa7af1

SHA256
afb514e4269594234b32c873ba2cd3cc8892e836861137b531a40a1232820c59

SHA512
dd14a7eae05d90f35a055a5098d09cd2233d784f6ac228b5927925241689bff828e573b7a90a5196bfdd7aaeecf00f5c94486ad9e3910cfb07475fcfbb7f0d56

Download Submit
C:\Users\Admin\AppData\Local\Temp\2504_1692224832\manifest.json
Filesize
984B

MD5
59741ca0b4ed8f06f8984e5c91747a4a

SHA1
334c396dd6e710de0e5b82b93cfaba764abc0331

SHA256
8dabab92309c13bbbf130183e757967bb1d80b47d06d678d12bd7009bc4e0dd7

SHA512
9ff5db978545120a033f5899444cfce08fbb3bb68afd3ca4be394adf781f42c8689c3a2a3d929c0d391a7902315e2073509eb5f8344b96e186b1a63f35d565c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\3dfac88f838fa98fa32cc014787adbc3
Filesize
8KB

MD5
0d42b4f525ba0fdb17bda00909b1584b

SHA1
d109f9fcf73e19d21b880a73af8e71d6b2735068

SHA256
08ca4af779d8f6bb2ec62f67fbf18ccd9cf5b8baa7b243ac5c7ef67a4dc682ad

SHA512
6a656b99bacbd8756a5b9185bd992e01eb2c287319c3c910b38724cc684165e2f8c3c6f92dcb4a5f09661d93728a2290919cbfb2da9af832d785722b68dede13

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\697d9cbd90ed4adde7e3dd205d34cb0f
Filesize
19KB

MD5
3bc09b97a452d6ad47a9859725b8d738

SHA1
c973a477d992b525d753745846b8249fa47d5e0c

SHA256
9012be3ec9ab79aa7d1da22ff3457fb474a638e4caa3acc2053bfef18714f517

SHA512
e9a7846c74dbc4e2f9372484b91dc23d50e0ecdb8f4e6b4815f6a90bd91d35b4e959f0f3adee73b03784c0a51cf4f5b6c30e8609ab4f345f8dde914104d86669

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\927f8aed89407aade085f33c1c9db877
Filesize
91B

MD5
166123ced616111a7a22287a81b9a8c0

SHA1
c1ba434b3484cdcc07d718b0643c9fe51f17ad84

SHA256
048ebcc5ec9a9faa9f528eed80b7e0b9e0e7edb6cdfcc9353807854461492707

SHA512
83b74a148e31cc73ab9bf05579d0b546575b16a109b55f449ec472ba826212ae7104af69e597a3ffa0d8055585cab91ed292e1f7d9cc699ae2785c56878390ef

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX4CF5AFD3968744789E6734FD224F09B1
Filesize
91B

MD5
934a11b8eaef18e6790e660f167b251b

SHA1
1195e4573af3ac1c966de8210b162d76f57df7e4

SHA256
8a8ffcca05368fdf6f8941aa5ebf50c565c4946e660dac731827703d5d36665a

SHA512
7b9ec190b7cbdaa40921a775beb6cc245f9e92b12785d0c1a9fc6285a996a809a2c80546a099fbdf5e2628404e4cedc2ab652f3e02c27012fd2fb3ea6d1ddaa1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX6F134B9430054CAC8B587F7B3C4F7421
Filesize
91B

MD5
b04c0dc18c7d55cd67b193981117e8e5

SHA1
de1b8da5292626c82c5369243ab17e1fe87819e8

SHA256
0e9e0d48cb004bf17d389dc2d43451e7c45546210703bf2c36048568477f538a

SHA512
e6a2aea601a6cc021d9537fd56eaf034dbc5932f9dfeca57fa69921733af8d1c22fa4997a596f2895ca60a9a064ace6a135a8c5893381595521da9cdcfcfbef4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBX8ECAF68BF2484525BA469C15F68419A9
Filesize
91B

MD5
9de52d85b06da1acd48afa0d6d1d19aa

SHA1
6683b9c8eabeb1f315873fa6bcdfaaafa9353ad6

SHA256
8b231ef4bd7d12979f583d8c1b89c66ae7e379d6557a1bb6bfeffcafc15f1a2b

SHA512
f3c1210177102ad92dc8661720f12f4c6aed3a86991b59c823471464feb2eed41cc1512acc864cdace009852380701c20a694fdc0311d5a023c2b9298979c8fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\RBXBBA04A225CDA43308657A58BF3DD99BD
Filesize
91B

MD5
9bb7d22eb06b53486a0eb7d5e951170b

SHA1
e980c919116cd26bf48da068b2c5df9e369413b4

SHA256
ff07c705a4558f19dfcb053596133f37e9c777a5d096e0c42f80c22138b30359

SHA512
adb705c7c7995e45d477290f7d8f99f55be49f3a7818979eda1891472e3cc3d2f78a6ab7294c8e8b5c2893ec950a0379cb64bac1a1d33413eaf25399b34992d1

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\b8292311763226815a8023e5788b6412
Filesize
1KB

MD5
2cc31443204f3b4c4085aae9a5faa355

SHA1
20411aa81db0338e4818bf3d4d14432eabc96d42

SHA256
b84e98969b8ed5d35a39f5be6b79b4bd7308f93be4b15eb0cf617ab0f4aa9fc9

SHA512
74ed9a77b82e5861d6b525f60b0b6645e0682e080673557ccebf3ec5fb7b759f186e63dd5fa5e4a78f5ee5d270cc497a4bf781b149a877ab29bcc9d235d1ced4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Roblox\http\d363c45f6b77ce2e3c83030a199ff963
Filesize
64KB

MD5
240d273a84039a710bc5a72eeb4d9fd8

SHA1
2b084bef88a5ac724b28bc0c706bc2115f321ef5

SHA256
7bd032a1fb326aa4ade94812dac63125b55a33461c6ef0083e206a54a6d55e2f

SHA512
b8fa2f6c10d817412b8964efdf57f617b1e79f29476cf2d7edf906bc46622dcfb52ffe3f68b40723cf27d78dc49e1bbc37c079060f9bb373c7d44c9a33a8c7c0

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Cmdx\card.config
Filesize
12B

MD5
773229091774b2b77583da0f15a718ac

SHA1
fcdbebdefc85658d65e23dcc52cd1a3ae9a12ee3

SHA256
f70e955a67aad2ee28ac0c8b1c0882c9bd9991da51b87b224a4e22eefb8956f9

SHA512
7762bbbc14bdc679c51b5d9b75b1c19b0977d70c98a1edcbceaa950e7ba42c991ae4e81768a9bd80bb1bb2bd1eed4e6a18e98e16a2ec974464850d9c14a9fc2b

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Cmdx\preview.png
Filesize
155KB

MD5
971fcb67b3ed9746cfd5c12032c8f54a

SHA1
378d56a2909c9b4dacc1a679664de7a3b9b48109

SHA256
94d47c3270fd8af9431722aac704778dd0e157fcffe7e24435a25368272e6bfc

SHA512
3d5e2f7112462049cd84fabce244cd51cbc341e8adc4fa27e5516855dd6f1d9727d6dde463812f6c552a732ebb2dad87ea6eed38a9bf7a1ea55800068fecfa63

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Cmdx\profile.png
Filesize
7KB

MD5
fe0cf96f57839cdd21191af66c241b96

SHA1
fba1b795f839c0fbaa4e47dfd9ad79ac6c2a4562

SHA256
bafaba91b68e495a6946cfae26a1f194dd8e556c1fb28dcf1e220721eb0ecbfc

SHA512
5adf6c8fc4b24f5af253c0f03c5b57ac7243008765b3854ed4b83d758a1901997ff4e6d9e0e1918383bce19832b72fc68cc7005c8a53a329df41b2ad91162ce9

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Cmdx\script.lua
Filesize
1KB

MD5
4417aa7a7b95b7e9d91ffa8e5983577c

SHA1
367b923829db8fecf2c638fb500f161d22631715

SHA256
eafd7bc4f8aeacd998f6ffa38c8fc2ec2fb043ca97c956a0949aebb9bbbdbbe6

SHA512
04a5f440a6e00ea0aa8491ae4c6dd6aa68f704db54a43a5d6bf4c99446ae2c7792be8dcaee6542a93280eb35dc93acb60e8e4065f13c885e4186d80824feb04e

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\DomainX\card.config
Filesize
11B

MD5
a3d8125d741db04d38a0c2c56eb9521f

SHA1
69729d39c0b4ff201d2aa7c6a77ecb4652b22aa3

SHA256
e2e623686b91cc0075b0f86b4c4577e45d4ee2ac6fce0aeae7326550675d1a96

SHA512
014cb710f3ad4264bc6cb524c33569e297ff6eee5dd417d10e4a1519951fcc739663a794f373a86eae4a0280002b4ce2d90715e4d9328bfe18f669e98878a994

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\DomainX\preview.png
Filesize
534KB

MD5
1ea0fccbceecbcfbe9c57bf230241889

SHA1
4b538297c419731bed21e7f0f8c1f921c6c3f389

SHA256
79eb0dcb2cff8cb7a620fa87284fdf79a1bfd97690d193c8caa15ffa3068c9cd

SHA512
6229d6084be3f3368a98ffa4b0aaa5899fdd85d5dd2f538987a8abce2bf1d3c378731c1b1b37e2d555e47d8812f8b5e8fef0d68241dfbf2c8952ffb1737a6909

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\DomainX\profile.png
Filesize
19KB

MD5
be676e5468366d6f34839bab1a2be5dd

SHA1
14424fc881b910a406f364d1dffb22ee0dc28e04

SHA256
196c3db248754cab84491e35496aa7d2dbd93bd1f1dce0b20462c2310b13265e

SHA512
3e87468cd2fd4669a59f2a18a4a968a32414ea788eaee0f341b93387b852fcab3c0d4c5fa6a29f884520b6fa10916b39eb7791e82bc951355378356955bf2ca7

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\DomainX\script.lua
Filesize
98B

MD5
1f74e0539c4f0816badd444b487dbda9

SHA1
07fc32012374195023f00353c12d800a5ed8d07b

SHA256
f01656ce161b59d49730ced251f20cea8a4aac04efbd85152e3c89e0f182a41d

SHA512
d068fb33ff098e7db909784985bd7a47b62ba607119d976c7084db8260d05b1aacb984543b556cb002f53fbb14c9107477e9d1b51a78648e6bd040840a87c55b

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Hydroxide\card.config
Filesize
6B

MD5
af55765f33160409360ffefd60211d32

SHA1
f16b23456ff82b6875e996c252c92eac375c5c54

SHA256
adfe3a9eb182052dabd7530e315fc5c0784bf5d115002b9a1a6f76dddf35773d

SHA512
1488a18106ed2dbb1502f218f8a543eb45fb5d12fc5867dfbd7d0bb500915c9705a5a8e2a21e964f5aeadc460d69d0f39bc729fee8d66e75e08907bcd0adbc4b

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Hydroxide\preview.png
Filesize
10KB

MD5
6c5d6e01657cf543c2211452ff43f52f

SHA1
7f4735960b3128f279aa42c4351ee50b32580788

SHA256
014920b3352e755b1608681e3dc613ce68e7875527ac8372a8edf5f875d32f5f

SHA512
f01c45f42f9e55982e9191979c3f0854a064b7455f65141e9feeebb72432ebe3d784263ac81d67c4cdf48e4eb49b39787eca2fe3a4964a799b130ac79a6b4b04

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Hydroxide\profile.png
Filesize
12KB

MD5
516a58f5a912ea4cbef1098f8fd5ebc3

SHA1
217162ba93d4c94d7b9389694734e365a91905df

SHA256
c9d71e41f4103780f381c11ce608f797ffbbe3f92f20922cc8576203543aa461

SHA512
ec211867be06425d54e6c70aa60b99dd209b949cf70ed6922689645bc86e9508ce234c14e3a1c37f2950a95387eef7424a518abd82cd2ac4e6680fcc329ab5d7

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Community\Hydroxide\script.lua
Filesize
281B

MD5
c0baed80a080fcfbcbde7dc86d38b14e

SHA1
1d81bb414f6853c313b6eea6169a7b68001dca68

SHA256
0109c27defe896cf9cccf23e0dc8765d705e8660360c3eca2a2f30599b46d77b

SHA512
3397e3b5bf3591e8ae5ac4b41be05973c484279151d1239d1976ba1267441809e2addc04f74fb61f7ec6f82fa1c3b6f92acab90eb620095e11f55c9f3f2edb2c

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\7z.NET.dll
Filesize
15KB

MD5
982475050787051658abd42e890a2469

SHA1
d955e35355e33a9837d00e78c824f6e5792b47f3

SHA256
4e193ccda4ef7ec7fc1bc12d7abba225a9af5b4612aa0b67a02324b9da8b268c

SHA512
c97b40c82499759e8a11b581004252be618f967153b5a9ce425f9a385746f3a1bdc467686023f36ed11212ea23e1c6b03b4df32cc5dd2a8c4b1d4ab23541c1f6

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\7z.NET.dll
Filesize
15KB

MD5
982475050787051658abd42e890a2469

SHA1
d955e35355e33a9837d00e78c824f6e5792b47f3

SHA256
4e193ccda4ef7ec7fc1bc12d7abba225a9af5b4612aa0b67a02324b9da8b268c

SHA512
c97b40c82499759e8a11b581004252be618f967153b5a9ce425f9a385746f3a1bdc467686023f36ed11212ea23e1c6b03b4df32cc5dd2a8c4b1d4ab23541c1f6

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe
Filesize
628KB

MD5
ec79cabd55a14379e4d676bb17d9e3df

SHA1
15626d505da35bfdb33aea5c8f7831f616cabdba

SHA256
44a55f5d9c31d0990de47b9893e0c927478930cef06fbe2d1f520a6d6cba587d

SHA512
00bbb601a685cbfb3c51c1da9f3b77c2b318c79e87d88a31c0e215288101753679e1586b170ccc9c2cb0b5ce05c2090c0737a1e4a616ad1d9658392066196d47

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe
Filesize
628KB

MD5
ec79cabd55a14379e4d676bb17d9e3df

SHA1
15626d505da35bfdb33aea5c8f7831f616cabdba

SHA256
44a55f5d9c31d0990de47b9893e0c927478930cef06fbe2d1f520a6d6cba587d

SHA512
00bbb601a685cbfb3c51c1da9f3b77c2b318c79e87d88a31c0e215288101753679e1586b170ccc9c2cb0b5ce05c2090c0737a1e4a616ad1d9658392066196d47

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\7za.exe
Filesize
628KB

MD5
ec79cabd55a14379e4d676bb17d9e3df

SHA1
15626d505da35bfdb33aea5c8f7831f616cabdba

SHA256
44a55f5d9c31d0990de47b9893e0c927478930cef06fbe2d1f520a6d6cba587d

SHA512
00bbb601a685cbfb3c51c1da9f3b77c2b318c79e87d88a31c0e215288101753679e1586b170ccc9c2cb0b5ce05c2090c0737a1e4a616ad1d9658392066196d47

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\Community.7z
Filesize
2.2MB

MD5
e7e69e3bb82e50d10e17fceb8851f1e3

SHA1
ac38d2c834b5ef30feb0b23272ee289779caf14c

SHA256
1f70e675fd69fa7d0efe44a2a6cbade8350ebb1cb3a9a18ff824cfd680b35ddd

SHA512
ba44f453d75ac413f404b89c5dfd1acbdf95aae10beb65599e7e52ecec7eb3ea82b95a6947fcda38e2cb878eb197714be3f3e3d93d5fc09e83ebb952117ded44

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\Untitled 1\script.lua
Filesize
5KB

MD5
10621d64b48a72adcb710da6508fcee1

SHA1
a7ed46843ccb511dbd0c7d165e5cbabaa6da98a7

SHA256
b628b946f045a39de14f115d01422b0178a62c5de3f229fdcb42255b224782b5

SHA512
51db2b6e6f2d9744944a4792278bc79c0fa03cf54a5ceda8148dc5b9dcaa2627e0e2237cbacfc85d577c3d08078b4497194536fcedcdf00e6671c2ac88d0bc6b

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\Untitled 2\script.lua
Filesize
100B

MD5
0562d6398548bd8aadf121ce71ad5084

SHA1
42736d3e775a53738ee12ffe2391afbafc494e38

SHA256
a05e4fa72d881c90b14bef9a9934f330f0beff93731e9e93915588ef40b8328f

SHA512
3f2e2f0b2a4b188c2b7fb414536c6d08502fc61fb0487b748f013742e0c63209d9cb7465dd4862d1c065816765735609f485b05ef9fd9a380e1faf18850dce5a

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\Untitled 3\script.lua
Filesize
3KB

MD5
4ed553ba2aa79b8d656e9ab516ce9044

SHA1
154896cad6c23116aed2a7ca7431571ec2c13f2b

SHA256
6693a622b04d232bec1fa5a2c4c6200367bd1f3fc4510b110e5dcf0440f05e78

SHA512
3bebe15574b1d4b5dcaa39e8bf1577c6951b7fe7793c8849d796ea82e27a196c65152f10dc3797cb0dfc776f20f0f2d232795b303d6098feb34853c3293cba1e

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\Untitled 4\script.lua
Filesize
52KB

MD5
dce551d238ebe49754c0ebf3befe8e80

SHA1
b548b540a66d259bdbaad8c5b3fe4b140ca1a952

SHA256
157bfbae4b70f8c980b7f71600bf91893bba8b91b6eecaf4cc411869a7387e11

SHA512
f12470d3d396e4d6d0d0ee9e1b34c587f3359b89f2c5a004a1052f62a92dc87cd097118c92d44471dea0a0d4ce03dc6513278fdf84c3978913672e993335ac97

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\Untitled 5\script.lua
Filesize
3KB

MD5
30b68edebf7445116ea4e1564935289a

SHA1
b824ca053fe9ba1c111154713e62adaf9c6fa6f1

SHA256
6a4b34fb6f8f8fdf218fcb3536bffb194a8e24bddc5cd64cd7c8bdb4c3b8b7e7

SHA512
8ec6f42696ca43ffcdf53bbabe77e75390705859b73f244bfaa9c11cdb4a39b9695a0eb57d0388d060ef337a1daec2f4bda48b833df3db6e81a1952faa6b8817

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\tabs.config
Filesize
32B

MD5
4ee09abf7007bbe8237b2b300a1c308d

SHA1
e66bad0e982b348e960c8beae0a7c639b7c97cdb

SHA256
56d832739223f867c4b40a01088d100deb6420e73aa32a58090cc71990e7b31f

SHA512
e176a143c12cbf2fc60f64832e2f530dfaa73dbd40526cb3b7670700ac3e52d2ac0075d6ee368afaa2b7ede82e8220d6165bf2280c35f93e62bf9acbe8b8b0ce

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\tabs.config
Filesize
43B

MD5
d247615c0c5c6aa515375bee3b2c3d1f

SHA1
c8c6c6902e1e16fd6262ac67fdc30543dd737a8f

SHA256
05f5c482b7c96891163ea917cf83c94ff94614cc0e84fc8830509ae4f37abf7b

SHA512
3801e3dc7962e4f7ec97e37b0c1e01a403ca05ffc3d0bc9e6c8e3c36572f1e309275804d75b28b0811707e938779a6f93496000c3bee612b4b89d9ff67174c02

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\tabs.config
Filesize
21B

MD5
828471f26cc1b64699af542b6a40a458

SHA1
528d800b226cc39e5a3ef9de5d64e40a1c4e7abe

SHA256
a40fdd42172fcf0356f7233e4702df93594fd99e932bc3f2b642aaab315b4ce2

SHA512
6971d7b993169efe2b7f0d74db95ec026a82ac7a3921430d9df54c2f235d4dbf9d420b6834d030d78fa592d542a8a9c0e8f9427f040359ffa4657e4ec6f336fe

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\tabs.config
Filesize
54B

MD5
4a07c83e050adf65f4aeadec67a0933f

SHA1
dec584ec4760ede1d3ec842492d48f00a20d0a1a

SHA256
22420b0f4095cf08bde6b378011963e1568aed1fbaf47fcbf386b81ab518a20f

SHA512
3fca5a120afd7cc8f66cc206a60488c0172ed0706adf23438ff6b070cd1270b2140548c2c0d5c46cc69c8aa01723d98d41455aa51514ee7018683f72f91d91a9

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\SavedTabs\tabs.config
Filesize
10B

MD5
d562efb8d0085ce79342a90326988ddf

SHA1
a8be4018df90768f3309db0a9db5c9d53383b425

SHA256
2e315bf9efc55d78951256e9c0bd223bf2c5d0d21fd3ed914c752c8d2896a07d

SHA512
308f4b6037e9d25f88693254ea6217ec8a0b0b2bb1575aa2a7304f2d733ea51f3824dc6e004f12aebd5401f353d80e48e59bd76e775fa3eef7b2e8ad14fc931c

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\Data\krnl.config
Filesize
48B

MD5
e158ba3426d245aa58618c813c489a46

SHA1
8a1f9e715129e4c29b1000b33b600eab05b76ccf

SHA256
a73a38e6d8c427c07ab1620f34e7de2877876afc126dd4212a0e38f3db50a970

SHA512
c796d7984eee666c1fc265781b0c8303ed24381ad83981c6b463461340600dddd7fb32c662ed4112db169767c21c2092e406d5b2eeb9bef5904484b854ad2eeb

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\KrnlUI.exe
Filesize
1.1MB

MD5
39ed86952a1e7926924a18802c0b75e4

SHA1
e7ad2a51e62fe68b1a82b17bcde347ab38c09ca3

SHA256
b84ceb86e9a8eba4d168f2cc6c9010c93779641e595f900aafe8cfef6165c126

SHA512
fe7b93af9bb2621148154389e6c7e1dca54c426df88fd09eab9b33763584a4eee837995d29f7dc1550acc4643c05f03a28b5a25e7019d7a4ceb70c238ae33bad

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\KrnlUI.exe
Filesize
1.1MB

MD5
39ed86952a1e7926924a18802c0b75e4

SHA1
e7ad2a51e62fe68b1a82b17bcde347ab38c09ca3

SHA256
b84ceb86e9a8eba4d168f2cc6c9010c93779641e595f900aafe8cfef6165c126

SHA512
fe7b93af9bb2621148154389e6c7e1dca54c426df88fd09eab9b33763584a4eee837995d29f7dc1550acc4643c05f03a28b5a25e7019d7a4ceb70c238ae33bad

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\KrnlUI.exe.config
Filesize
438B

MD5
909df77c711b4133a8f8560483ec2bb3

SHA1
8df8505ec0a0dd670b4044c641e772f6ded485a1

SHA256
c49ed8da5765f33cc854cf13ee0c33ed65d4eba6843c24d05e321e3b40f4a68c

SHA512
0547bae72cd75ad753ddd95c12b7a42b8b3285a3384925cf738c4cc6835c6dd21d16a6206662c4a723fcf348da7e62db3585564782c7daad49b765b43accb28d

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.Core.dll
Filesize
908KB

MD5
9aa41e58b0ceded6442c54e93cc279dc

SHA1
76b3622d8bd5c0ab88d2a6422866e8b572afb318

SHA256
a3ec829be118703645ebadde46a13d8aecc08291567314652e81ebc163ea8f0d

SHA512
ba24aac25bf61898e924cbf049a44e45dd996308b2caedce91978b67f4bb1accfc98860610ff0a5469fe5dd5e34c2a87bee1e8930d4019d3139bcab89552b3bf

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.Core.dll
Filesize
908KB

MD5
9aa41e58b0ceded6442c54e93cc279dc

SHA1
76b3622d8bd5c0ab88d2a6422866e8b572afb318

SHA256
a3ec829be118703645ebadde46a13d8aecc08291567314652e81ebc163ea8f0d

SHA512
ba24aac25bf61898e924cbf049a44e45dd996308b2caedce91978b67f4bb1accfc98860610ff0a5469fe5dd5e34c2a87bee1e8930d4019d3139bcab89552b3bf

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.Core.dll
Filesize
908KB

MD5
9aa41e58b0ceded6442c54e93cc279dc

SHA1
76b3622d8bd5c0ab88d2a6422866e8b572afb318

SHA256
a3ec829be118703645ebadde46a13d8aecc08291567314652e81ebc163ea8f0d

SHA512
ba24aac25bf61898e924cbf049a44e45dd996308b2caedce91978b67f4bb1accfc98860610ff0a5469fe5dd5e34c2a87bee1e8930d4019d3139bcab89552b3bf

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.Core.dll
Filesize
908KB

MD5
9aa41e58b0ceded6442c54e93cc279dc

SHA1
76b3622d8bd5c0ab88d2a6422866e8b572afb318

SHA256
a3ec829be118703645ebadde46a13d8aecc08291567314652e81ebc163ea8f0d

SHA512
ba24aac25bf61898e924cbf049a44e45dd996308b2caedce91978b67f4bb1accfc98860610ff0a5469fe5dd5e34c2a87bee1e8930d4019d3139bcab89552b3bf

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
Filesize
7KB

MD5
5f7e54710987e30dfca1e90c2063402d

SHA1
3917a469d1516efe34f275b5f31a83227cd14694

SHA256
2b44d738767dc991b0f8cbf3832190de9c1670da929e28e8073a88033f9548af

SHA512
b9ae359ae2a2f833aab10d3399b3620b0ef24482fdb398c8a3794f2fbba3329ef94227a200cf63c064bab18779ea56cd940159279a5ba2ae7f65bec5403fef4e

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.BrowserSubprocess.exe
Filesize
7KB

MD5
5f7e54710987e30dfca1e90c2063402d

SHA1
3917a469d1516efe34f275b5f31a83227cd14694

SHA256
2b44d738767dc991b0f8cbf3832190de9c1670da929e28e8073a88033f9548af

SHA512
b9ae359ae2a2f833aab10d3399b3620b0ef24482fdb398c8a3794f2fbba3329ef94227a200cf63c064bab18779ea56cd940159279a5ba2ae7f65bec5403fef4e

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.Runtime.dll
Filesize
1.3MB

MD5
a7fd4a62e39e518d26c93c72a2574123

SHA1
d466eb6792cc8a22237d34e49b29b1fef88a9256

SHA256
8145075e6bee962eb6b160cf13fa16d907be16a1155291e7016b69a5ccaeef85

SHA512
96b8e9f1f40111009b4dd2c404545f1272f2ff04e888839ae9e8cda9f88ebfa47862e64d88f772616f9687aac8888bc805f79f17c205d168a9a306e3f70d5576

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.Runtime.dll
Filesize
1.3MB

MD5
a7fd4a62e39e518d26c93c72a2574123

SHA1
d466eb6792cc8a22237d34e49b29b1fef88a9256

SHA256
8145075e6bee962eb6b160cf13fa16d907be16a1155291e7016b69a5ccaeef85

SHA512
96b8e9f1f40111009b4dd2c404545f1272f2ff04e888839ae9e8cda9f88ebfa47862e64d88f772616f9687aac8888bc805f79f17c205d168a9a306e3f70d5576

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.Runtime.dll
Filesize
1.3MB

MD5
a7fd4a62e39e518d26c93c72a2574123

SHA1
d466eb6792cc8a22237d34e49b29b1fef88a9256

SHA256
8145075e6bee962eb6b160cf13fa16d907be16a1155291e7016b69a5ccaeef85

SHA512
96b8e9f1f40111009b4dd2c404545f1272f2ff04e888839ae9e8cda9f88ebfa47862e64d88f772616f9687aac8888bc805f79f17c205d168a9a306e3f70d5576

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.Runtime.dll
Filesize
1.3MB

MD5
a7fd4a62e39e518d26c93c72a2574123

SHA1
d466eb6792cc8a22237d34e49b29b1fef88a9256

SHA256
8145075e6bee962eb6b160cf13fa16d907be16a1155291e7016b69a5ccaeef85

SHA512
96b8e9f1f40111009b4dd2c404545f1272f2ff04e888839ae9e8cda9f88ebfa47862e64d88f772616f9687aac8888bc805f79f17c205d168a9a306e3f70d5576

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.dll
Filesize
36KB

MD5
100f91507881f85a3b482d3e1644d037

SHA1
4319e1f626318997693e06c6a217fbf2acdf77b2

SHA256
7f9338f537a469e71dd3c269137bc0e5a11f769edfda8a1891319c0139a1b550

SHA512
993b92a1f28b1cbd37b2d7fb646ee04473eb81de02017b66e7ec2efa2a83b4ff35bee44aaa643c0ed531d42fc4638081a73b50caa530f29eff6bbeb252ea46e1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.dll
Filesize
36KB

MD5
100f91507881f85a3b482d3e1644d037

SHA1
4319e1f626318997693e06c6a217fbf2acdf77b2

SHA256
7f9338f537a469e71dd3c269137bc0e5a11f769edfda8a1891319c0139a1b550

SHA512
993b92a1f28b1cbd37b2d7fb646ee04473eb81de02017b66e7ec2efa2a83b4ff35bee44aaa643c0ed531d42fc4638081a73b50caa530f29eff6bbeb252ea46e1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Core.dll
Filesize
36KB

MD5
100f91507881f85a3b482d3e1644d037

SHA1
4319e1f626318997693e06c6a217fbf2acdf77b2

SHA256
7f9338f537a469e71dd3c269137bc0e5a11f769edfda8a1891319c0139a1b550

SHA512
993b92a1f28b1cbd37b2d7fb646ee04473eb81de02017b66e7ec2efa2a83b4ff35bee44aaa643c0ed531d42fc4638081a73b50caa530f29eff6bbeb252ea46e1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Wpf.dll
Filesize
100KB

MD5
6a9e3555a11850420e0e1d7cbaa0ada4

SHA1
17597a85caf29df6556fef012dd1fe5205ef2cb2

SHA256
a39b72613843a4e1b40761fa83c2b7c87941e461c32d091655c42d9cbfa59fac

SHA512
41d1f5c6e38a02a232f8cf3afcf44e7bc8c83ac5616849a78560a3e064e7b220d272f37507c2d5d939b1a0aff5884f3f930759d1b39d11c3cedcc0f2d962ae6d

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Wpf.dll
Filesize
100KB

MD5
6a9e3555a11850420e0e1d7cbaa0ada4

SHA1
17597a85caf29df6556fef012dd1fe5205ef2cb2

SHA256
a39b72613843a4e1b40761fa83c2b7c87941e461c32d091655c42d9cbfa59fac

SHA512
41d1f5c6e38a02a232f8cf3afcf44e7bc8c83ac5616849a78560a3e064e7b220d272f37507c2d5d939b1a0aff5884f3f930759d1b39d11c3cedcc0f2d962ae6d

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.Wpf.dll
Filesize
100KB

MD5
6a9e3555a11850420e0e1d7cbaa0ada4

SHA1
17597a85caf29df6556fef012dd1fe5205ef2cb2

SHA256
a39b72613843a4e1b40761fa83c2b7c87941e461c32d091655c42d9cbfa59fac

SHA512
41d1f5c6e38a02a232f8cf3afcf44e7bc8c83ac5616849a78560a3e064e7b220d272f37507c2d5d939b1a0aff5884f3f930759d1b39d11c3cedcc0f2d962ae6d

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.dll
Filesize
1017KB

MD5
f371f39e9346dca0bfdb7d638b44895d

SHA1
742f950afc94fd6e0501f9678ba210883fd5b25c

SHA256
3a7bf88d5376a46cab4d6be0169a6dc98361f9485d178c20faa162380d165327

SHA512
753b400c80be841910227c5eff53dbf607b5c6fcdd05e53cfaf487529c54955bf32ea4d939927a7be1a602fc6e306c20e25850d36690b36d22948c0a7bf2d4a7

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.dll
Filesize
1017KB

MD5
f371f39e9346dca0bfdb7d638b44895d

SHA1
742f950afc94fd6e0501f9678ba210883fd5b25c

SHA256
3a7bf88d5376a46cab4d6be0169a6dc98361f9485d178c20faa162380d165327

SHA512
753b400c80be841910227c5eff53dbf607b5c6fcdd05e53cfaf487529c54955bf32ea4d939927a7be1a602fc6e306c20e25850d36690b36d22948c0a7bf2d4a7

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\CefSharp.dll
Filesize
1017KB

MD5
f371f39e9346dca0bfdb7d638b44895d

SHA1
742f950afc94fd6e0501f9678ba210883fd5b25c

SHA256
3a7bf88d5376a46cab4d6be0169a6dc98361f9485d178c20faa162380d165327

SHA512
753b400c80be841910227c5eff53dbf607b5c6fcdd05e53cfaf487529c54955bf32ea4d939927a7be1a602fc6e306c20e25850d36690b36d22948c0a7bf2d4a7

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\chrome_100_percent.pak
Filesize
620KB

MD5
e05272140da2c52a9ebef1700e7c565f

SHA1
e1dc01309fca499af605f83136d35e6d51fcd300

SHA256
123092a649b8def6efca634509fb20ba4fbf9096d6819209510b43b5f899c0a3

SHA512
476907363a0d1e1bf81d086aff011b826fd28a885e2eabd2e07e48494eafbd48d508b1a9050efe865585f7c4d92a277886440876846cba8a2226033ff35a7a81

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\chrome_200_percent.pak
Filesize
933KB

MD5
0d362e859bc788a9f0918d9e79aea521

SHA1
33abea51f76bde3e37f71b7e94f01647bb4dcbd5

SHA256
782f475d56e62c76688747a22ba4ae115628c5c3519c3c1e3d1a51a4367bfc28

SHA512
37ca08bbe5525d0f2d45a9fe65a45f6c5d8366330fc60304822d4c7470dd66b8733d92803ce6aabdf4175ad0cf43d6e4a9ff9d4e49ff89d8eddc5f7083e7f067

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\chrome_elf.dll
Filesize
965KB

MD5
1b2a029f73fe1554d9801ec7b7e1ecfe

SHA1
01f487f96a5528e28ca8ca75da60a58072025358

SHA256
d4800601b82371914f0efc45f1200ce8bb9d57c15c52b852f9f452751af61912

SHA512
a32e991cbe0681aa66535a454dbc961df4be142f9983dcc48d1bafb9be938c5abbd8cc6219b0614074ab2c51e4ce410d056fced6d6ed4cfc0048bbee9cba29b1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\chrome_elf.dll
Filesize
965KB

MD5
1b2a029f73fe1554d9801ec7b7e1ecfe

SHA1
01f487f96a5528e28ca8ca75da60a58072025358

SHA256
d4800601b82371914f0efc45f1200ce8bb9d57c15c52b852f9f452751af61912

SHA512
a32e991cbe0681aa66535a454dbc961df4be142f9983dcc48d1bafb9be938c5abbd8cc6219b0614074ab2c51e4ce410d056fced6d6ed4cfc0048bbee9cba29b1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\chrome_elf.dll
Filesize
965KB

MD5
1b2a029f73fe1554d9801ec7b7e1ecfe

SHA1
01f487f96a5528e28ca8ca75da60a58072025358

SHA256
d4800601b82371914f0efc45f1200ce8bb9d57c15c52b852f9f452751af61912

SHA512
a32e991cbe0681aa66535a454dbc961df4be142f9983dcc48d1bafb9be938c5abbd8cc6219b0614074ab2c51e4ce410d056fced6d6ed4cfc0048bbee9cba29b1

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\icudtl.dat
Filesize
9.8MB

MD5
d866d68e4a3eae8cdbfd5fc7a9967d20

SHA1
42a5033597e4be36ccfa16d19890049ba0e25a56

SHA256
c61704cc9cf5797bf32301a2b3312158af3fe86eadc913d937031cf594760c2d

SHA512
4cc04e708b9c3d854147b097e44ff795f956b8a714ab61ddd5434119ade768eb4da4b28938a9477e4cb0d63106cce09fd1ec86f33af1c864f4ea599f8d999b97

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\libcef.dll
Filesize
139.0MB

MD5
7bc0244dba1d340e27eaca9dd8ff08e2

SHA1
3b6941df7c9635bce18cb5ae9275c1c51405827c

SHA256
43c16856ebf80186a248fcdcce694c33cc02307005eee6724e0fd4974f954e7e

SHA512
3a9acdc1b07831708c88111bfc4ac9552e24ea1df5b6c13a0c6bf7beeebe35d8509bdb9f09c84a9b0361d4501214508fd3911a9b3d97f08ca71563dd7d744a0a

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\libcef.dll
Filesize
139.0MB

MD5
7bc0244dba1d340e27eaca9dd8ff08e2

SHA1
3b6941df7c9635bce18cb5ae9275c1c51405827c

SHA256
43c16856ebf80186a248fcdcce694c33cc02307005eee6724e0fd4974f954e7e

SHA512
3a9acdc1b07831708c88111bfc4ac9552e24ea1df5b6c13a0c6bf7beeebe35d8509bdb9f09c84a9b0361d4501214508fd3911a9b3d97f08ca71563dd7d744a0a

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\libcef.dll
Filesize
139.0MB

MD5
7bc0244dba1d340e27eaca9dd8ff08e2

SHA1
3b6941df7c9635bce18cb5ae9275c1c51405827c

SHA256
43c16856ebf80186a248fcdcce694c33cc02307005eee6724e0fd4974f954e7e

SHA512
3a9acdc1b07831708c88111bfc4ac9552e24ea1df5b6c13a0c6bf7beeebe35d8509bdb9f09c84a9b0361d4501214508fd3911a9b3d97f08ca71563dd7d744a0a

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\locales\en-US.pak
Filesize
296KB

MD5
99b4fdf70abc76d31e44186e09a053a6

SHA1
fb4192460341de2a04127f1e7fdf5c41b12ca392

SHA256
87dc8b512fdb79d381db0577961967ac2968a902f4914b6fd3bb59ef84a149fa

SHA512
d84b2c0a1fb32515e45bfb922f14a7134ddf01c62ec1405f2d5c7e54a8b4993e943333e3a69905856215a51b3df64f2547128bd0094b70280bb105b4444f32da

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\bin\resources.pak
Filesize
6.8MB

MD5
34516ad6ff9278dea1fa89839156cbe5

SHA1
c61792315d0cb0d0f1e55fb985e3f6bb471fb2c5

SHA256
91d3ab4e61bc261d9cc78b750dfc26561fee06fe1431136652f9f50371be2426

SHA512
6e4046a2eb72b17451528d1995e2359cb058a9dd41af586f3e88693c621ffd97213031462fc1fd8a23c7e91217066c2f0b56522fcdafe862bc24eec30b059d29

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\krnl.7z
Filesize
71.1MB

MD5
cb244bb2cbed782853d39042fd705b4b

SHA1
f9a69f8f2b87134579ca8c50b91a67bd596553fe

SHA256
d45f3cc6274717014136b6515c250a966f86cd3ecd3dc2c66b3c4c234831e015

SHA512
3d189aba28e8dd59e1e293ad8e962f38518ca11b8aa88b364e06f5ebcbc2626e9963594aa76a59971efbb5a34f6a99e23a1f090def1661abae95ebdd758bf73d

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\workspace\IY_FE.iy
Filesize
539B

MD5
291d5636a434c4f1ceb0f3f776c2a51f

SHA1
ae287e08f71c522a72812f0dace94b8ffb569341

SHA256
73bb58ba5b81960caf5a8e66675cc89b5761b77db99c6ceb9435f7211d400452

SHA512
7dab8034f85aef1b2b7a86cc8220ebdbb95a3f083d1565e1cff38414367aa69fc597a11aaba11dbef411e13fbfb285855d9c46ae59738f6e88c22dd55c81a743

Download Submit
C:\Users\Admin\AppData\Roaming\Krnl\workspace\SimpleSpy\Settings.json
Filesize
154B

MD5
4b50ff9ef0695fd04dc011164523eb2c

SHA1
c9eb5178f320f80a7aac9b50176fe2deb6e0f496

SHA256
0072a0b4fef0cda0dcae0385ec5cbc6a3458c3e71ff77bfe025d98a2cdd0292f

SHA512
d4d86ac30ec777b4096201ea2e2a4c6e7ca6472bbec7dc6671ab07b3f40f8fdc64778869a272df0d6768aa3471ace38e9c811a99283239246380ee7219b1746b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe
Filesize
2.0MB

MD5
6b68f3be3850e9b2ac03bad9f4de5b88

SHA1
57c59090e38d6e0128874ed93f53a4e3c65ee47b

SHA256
159a30c008bb234af56a7c786cb5352e7b96dc62fac6b2ca2ea7fa75fc6841b7

SHA512
de8b266ef96aec59987e025dfccd51d8bd91e7e4523c6bc4ccab73de5819b429033da773c1f155e98607d1d60bd63e1b07deca2b454493bd5b8122cc265bbeb7

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 931271.crdownload
Filesize
1.8MB

MD5
50515f156ae516461e28dd453230d448

SHA1
3209574e09ec235b2613570e6d7d8d5058a64971

SHA256
f4afba646166999d6090b5beddde546450262dc595dddeb62132da70f70d14ca

SHA512
14593ca96d416a2fbb6bbbf8adec51978e6c0fb513882d5442ab5876e28dd79be14ca9dd77acff2d3d329cb7733f7e969e784c57e1f414d00f3c7b9d581638e5

Download Submit
C:\Users\Admin\Videos\Captures\desktop.ini
Filesize
190B

MD5
b0d27eaec71f1cd73b015f5ceeb15f9d

SHA1
62264f8b5c2f5034a1e4143df6e8c787165fbc2f

SHA256
86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

SHA512
7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

Download Submit
\??\pipe\crashpad_4208_QCNJVPYYLHJSYYFL
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/436-873-0x0000000004E50000-0x0000000004E60000-memory.dmp

Filesize
64KB

Download
memory/436-943-0x0000000004E50000-0x0000000004E60000-memory.dmp

Filesize
64KB

Download
memory/780-860-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/780-942-0x00000000010F0000-0x0000000001100000-memory.dmp

Filesize
64KB

Download
memory/1300-940-0x0000000005760000-0x0000000005770000-memory.dmp

Filesize
64KB

Download
memory/1300-854-0x0000000005760000-0x0000000005770000-memory.dmp

Filesize
64KB

Download
memory/1300-761-0x0000000000B10000-0x0000000000B18000-memory.dmp

Filesize
32KB

Download
memory/2404-139-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2404-944-0x0000000005100000-0x0000000005110000-memory.dmp

Filesize
64KB

Download
memory/2404-162-0x00000000093A0000-0x00000000093AA000-memory.dmp

Filesize
40KB

Download
memory/2404-154-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2404-133-0x0000000000EE0000-0x00000000010BA000-memory.dmp

Filesize
1.9MB

Download
memory/2404-153-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2404-874-0x0000000005100000-0x0000000005110000-memory.dmp

Filesize
64KB

Download
memory/2404-152-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2404-138-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2404-137-0x00000000091B0000-0x00000000091BE000-memory.dmp

Filesize
56KB

Download
memory/2404-136-0x00000000091D0000-0x0000000009208000-memory.dmp

Filesize
224KB

Download
memory/2404-135-0x0000000008860000-0x0000000008868000-memory.dmp

Filesize
32KB

Download
memory/2404-134-0x0000000005B90000-0x0000000005BA0000-memory.dmp

Filesize
64KB

Download
memory/2504-670-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-911-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-657-0x0000000005120000-0x0000000005130000-memory.dmp

Filesize
64KB

Download
memory/2504-856-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-941-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-633-0x0000000000060000-0x000000000017E000-memory.dmp

Filesize
1.1MB

Download
memory/2504-915-0x000000000C630000-0x000000000C730000-memory.dmp

Filesize
1024KB

Download
memory/2504-3733-0x0000000007370000-0x000000000737A000-memory.dmp

Filesize
40KB

Download
memory/2504-645-0x0000000004D40000-0x0000000004D60000-memory.dmp

Filesize
128KB

Download
memory/2504-910-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-665-0x0000000004C30000-0x0000000004C40000-memory.dmp

Filesize
64KB

Download
memory/2504-652-0x0000000005230000-0x0000000005334000-memory.dmp

Filesize
1.0MB

Download
memory/2504-859-0x000000000C630000-0x000000000C730000-memory.dmp

Filesize
1024KB

Download
memory/4900-1966-0x0000000004F91000-0x0000000004F96000-memory.dmp

Filesize
20KB

Download
memory/5360-5325-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5096-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5286-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5310-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5022-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5345-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5232-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5362-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5377-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5392-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5411-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5426-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5442-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5461-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5489-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5504-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4044-0x0000000024350000-0x0000000024351000-memory.dmp

Filesize
4KB

Download
memory/5360-5215-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4047-0x0000000024520000-0x0000000024521000-memory.dmp

Filesize
4KB

Download
memory/5360-4989-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5199-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4048-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5184-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4955-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4054-0x0000000024340000-0x0000000024341000-memory.dmp

Filesize
4KB

Download
memory/5360-5169-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5154-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5139-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5115-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5271-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4330-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5080-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4888-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4816-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5065-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4793-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-2546-0x00000000063F0000-0x00000000063F1000-memory.dmp

Filesize
4KB

Download
memory/5360-4753-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-5050-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-2702-0x0000000008950000-0x0000000008951000-memory.dmp

Filesize
4KB

Download
memory/5360-4056-0x0000000008300000-0x0000000008301000-memory.dmp

Filesize
4KB

Download
memory/5360-4063-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-2571-0x0000000000B40000-0x000000000626A000-memory.dmp

Filesize
87.2MB

Download
memory/5360-2564-0x0000000008940000-0x0000000008941000-memory.dmp

Filesize
4KB

Download
memory/5360-2561-0x0000000008920000-0x0000000008921000-memory.dmp

Filesize
4KB

Download
memory/5360-4688-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4620-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4135-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4172-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-2560-0x0000000008910000-0x0000000008911000-memory.dmp

Filesize
4KB

Download
memory/5360-4190-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4483-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4432-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-2562-0x0000000008930000-0x0000000008931000-memory.dmp

Filesize
4KB

Download
memory/5360-2549-0x00000000088F0000-0x00000000088F1000-memory.dmp

Filesize
4KB

Download
memory/5360-4394-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4244-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download
memory/5360-4373-0x000000005FCC0000-0x000000006050E000-memory.dmp

Filesize
8.3MB

Download