hxxps://www[.]myabandonware[.]com/game/kid-pix-deluxe-4-cm9

Analysis

max time kernel
1800s
max time network
1689s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
12-05-2023 08:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.myabandonware.com/game/kid-pix-deluxe-4-cm9

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133283522692946611"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4132	chrome.exe
4132	chrome.exe
6880	chrome.exe
6880	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 52 IoCs

pid	Process
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe
Token: SeShutdownPrivilege	4132	chrome.exe
Token: SeCreatePagefilePrivilege	4132	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe
4132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4132 wrote to memory of 1940	4132	chrome.exe	86
PID 4132 wrote to memory of 1940	4132	chrome.exe	86
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 1848	4132	chrome.exe	87
PID 4132 wrote to memory of 212	4132	chrome.exe	88
PID 4132 wrote to memory of 212	4132	chrome.exe	88
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89
PID 4132 wrote to memory of 4424	4132	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://www.myabandonware.com/game/kid-pix-deluxe-4-cm9
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe5699758,0x7fffe5699768,0x7fffe5699778
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:2
  2⤵
  PID:1848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3160 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3136 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4924 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4872 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5252 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5340 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5336 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5860 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6036 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6188 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6204 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5864 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6652 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6852 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6816 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6656 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7672 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=7404 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7408 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7972 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6604 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7080 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=8456 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7812 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6464 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8440 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5944 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=8392 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8488 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8824 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=9124 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=9132 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=9108 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=9600 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=9756 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9096 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9908 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7720 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9776 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=9796 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8888 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=9748 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=10740 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8832 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5356 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=11024 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=11016 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12908 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:6620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10500 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:7152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=5508 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5824 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=928 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=5364 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=5832 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:4536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=12828 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5340 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:3912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1656 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:3848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12552 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12728 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:6948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11876 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1800,i,15238283003247734390,15273672356068398479,131072 /prefetch:8
  2⤵
  PID:5900

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2116

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\014b5648-d85a-47e9-829e-d0b89c320dbd.tmp

Filesize
6KB

MD5
7fffd936a910845ee614d5027e187886

SHA1
aa77cd9d0acb9d9a41a1e292438373ea4b99884f

SHA256
a72239a206366f5651e634ab74448e07696388de9639a881ce709db590c4d057

SHA512
4b16005406b25ef6260d9570d5ef3513352a19b2570f6236354ec01a26e76c4dafcf28987b3b87f4d83c8e5c325540960d0dce55d96a6889f0aa1599cc3ba1dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
68KB

MD5
034a1ff426bbac0ba406439064e1fad9

SHA1
8544a822477c1cde9e3a1c7497fd4c19f22105bd

SHA256
80ea5f456db3c0e69cb07ba25e06d11b3f11efb08d3f43ad65faa671848a9a4e

SHA512
f3628dfefacdac37302dc3bd097ea7cb26c580e934d269237f5b6dd2a3142697650376b9258824190c1785e6b444e0842014e46f4d2fe02f9ff98c8b6f0887be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
26KB

MD5
6fca52e3831c6d876b018fb8a514dc03

SHA1
8827d0600701a2d352d7f8c7e945e6086dfa8fc2

SHA256
703f6366a30294dd16b7627f14540f5473398a4576a1ee5089dd11a3674ed505

SHA512
31bb42c197e916c4ac4b70046db106924a46328131679586e4391d2f9f8987b73f91cbdb864083ecc943aaa94675bc3e0ae9b78d7e44043894f774bd6b1942dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
29KB

MD5
8a41411f55625e8f0ee9049a078e2bd1

SHA1
d4813573ed5e648f2ac33a80f3ac5e0560c2c92e

SHA256
96f7cbcd34dffca10466c7d2ad422f138e2dd153cfeded568a246afdbbccb80b

SHA512
9c35d9714a86dc0cbff5250c58443d99b72e94fe0a875fa85e45146f6d03f9c4222468c11ea617fcbd5b12ccde15eef72468305b4c346b9050d0b6022e2eefce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
934a752988e441ea775d12767ff2a406

SHA1
8a3395869ac37e2ec3b57a1b9872b07a7c7b32c8

SHA256
dbed2afd1f6233ab0e49649768ddf9cb6605ba5310c4e00049dd6ba9141c4e02

SHA512
aa724547dd08322c51de1f3445382a514c856763359b59c1cc76c34e0488008c4b038bc21aada325d0d349c8667ea74fdc8824d40eea866c82c4bb3401dd71d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
4f8542c3022670de51169e00e45e0969

SHA1
10edf07e1a80c3f0c3da506d33ab15a8bf5c05f4

SHA256
a377442f357396991faafb999710486e5a6fe2b07a4884c6d9dd132d145fb9e9

SHA512
3a8b8446886f412244aee72b18d333bd3f070cefe2cf2588aff04b44cf46c540aa930960bb0bf449c942801efd85534ba41e47eea48d4325884406add7b7a4c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
78639df41df41186513eedc6459188fb

SHA1
a4c0cec49814bd85b4abc922930bd297de2eb028

SHA256
35d25d8c35b60f90411d9c17d98ce555060a896e20362331d7c453073e2cad23

SHA512
398391ee67c9e026cce6c6f923191cf452df236ff2f463218804dd39f3248fdf74c5490fdd44117db0a4774e2fb8eadb7c68a9892c0eeda25572a1cf5b35830e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d4e7841ed5f9e91296d4a229d77a1b29

SHA1
bc6563a5c021787d3848c38242a0816eba6e6f04

SHA256
e55cb3a74261d44b10d51340bba2c27471ded07ac6aadb6c730b0a4fb391c5f2

SHA512
01aa3da4276c9fb6a1c1aadda3ba96085b7f28b78d209e1ddcd0d8da20199b16eb2e172d5b6bf2c9de5e8c0e43296b76b1ca82dd175dc8cc50a72631eb9a5065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
983f61e3d9650c2914fadf1b96b3007f

SHA1
6cef4a8b93155306b9a470e0f0367d16c95325c9

SHA256
64b0f601c00493a6ac90b481275be47d2a59b549117bd8618b1bced002f58362

SHA512
841c1e0b546568923b626685a18326462b3cc82a3409a64b48241876f20ea81dd47b31c1970611632f2a7487c591b8885e7f1de5d36502d85a886ef3a19e4367

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\427208c6-a266-4a99-beaf-0c01d9f94503.tmp

Filesize
6KB

MD5
e9d54846f554fd1d9330a42beb02777d

SHA1
82c893e7eb643c175abf6194b737a6c991b1bdc4

SHA256
010c20a0e20e26e980511bf278565037751a49f9cfd1ca1e90ad52b425b21567

SHA512
a353ad082ac5b2a91be495e33002949e1dbbc821fa3cb31e3734ca785b933fdb3e229c83e8373f7720e2bb5b90690a3cf86bbe57f818bcad531c8585afb3239a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
8432dca7cabe25962405ee26c30228f7

SHA1
4d39c0ec39c6338ebbe1eb85c125ff0d5ea06755

SHA256
a861d305f73e0f12b7510c7e19e8e86b3b9ffbe26dd3c4ef32bbe1ed4cd54438

SHA512
b9a1babb925ac7332114412cc11323c6f2ed8de5ff602b2364a6c48a67afbda1196c2938d67461b3092ce38bc0b0ace5f65d2e52693eb236398ac6fd4c36d5cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
1d315bafe60fad9bb6aa4388b56e5836

SHA1
8b7e49b3506dc16e6def2413f45ba428cff43446

SHA256
8231c390e1d2fd28918bb50f2e932784c4dd08b2c6d207bc7304e87c5e18b63e

SHA512
7273e9335e8cccf9f62cc25bf020987a809ae407a676db42ef7ded28e6d7843828a4d5568a75b4db90c602b34198d56bffbebe5ea2ba4529903685bdf53dd853

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
18KB

MD5
cb5843316f4d5d52a41c4f871e62dc8e

SHA1
293382dece3514eb678322f4e89fba89536a3f90

SHA256
8d8d3baccf01f16a659e51840f65f50ee2d0b6801cc3ca3390dbed1b6cc28a6f

SHA512
2c8eebe9716675f49a78e2b95e73729c46af573324fc0ef5d82c84c2040e74e8046c1d81e6db7dc9b91d5dcc6c0d7d238ff1a588d2ab99e88dc9a6afb5518398

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
dcb2c197833763b561e0e81bcc79acf5

SHA1
9549c338228ac3ffed2eaecfb41b2945cf4d1c7d

SHA256
3ee294d47ebf7bcccd16a98bc1ea01873ad3e63e0e49e48edf6289b7fce3f473

SHA512
f967d53715eb6941289776c0e5e44ae5a64efa51db07c1100d82a0e79f48d357a9976d9c4ac79b0890a4f9d9958c416c5d047c4753ab2a7e00b1c96236e43a15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
e36321fbfdd3483acbbb40ef2c6d473b

SHA1
680cac28be7e56089d5bbe40a28cc921df7a031c

SHA256
3aed22c59f804268aaa3c9c030506e10b0889bbd108d6180528c2ecaa06bb37e

SHA512
41ca1a75a0d865063f970e1baa6b0b7e7cd4544ba6efa2f99a252596dc76a587391ac654cfa9739c2f5b2ebbb8999a0bde6f5aceebde581857be14e7b909ba1a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
c6c42de64045279e1e8be5bbc312216d

SHA1
9a2dcc1d6bf93073aee6d7479643490c2c14f468

SHA256
0942933b96964b38648234a0e41c4e2982573a214c10b5daf23ae687a34f55e8

SHA512
d9df6c5739c26ac602831995bf121e343a70dc8f166b152d22c9d1ae4aa2b85a57ba89a5bbdaefe63739f798efced0dd49ad759974c6c155fb4688b3e02815cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
4dfc7d99c64c91372fdf1d31cb98d0e1

SHA1
9f8b51c359ae0197627d45180bc6d1d990ea8fb7

SHA256
fe49e2717b903aa189c14552f7a380b34bef174e4935b60822687ea5c1865046

SHA512
b38b8ffed0e4d9a550807f36a36a606245b5cfa216a0e0deff4f9d5c54cfd0f95a6c88bcf800aba7201846a58678fe57ef370bbf26a0bfdcb512bb7ed2ed90f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
8142c6f8037b71ec6bc336d853c3c349

SHA1
53bb64ac648664ed15fde7d4d62cfccb8231ef2f

SHA256
3d3bec75332527482387889c38911bbcc4188f4305ccdaf08b5f99a6ad6332ce

SHA512
6ef55d874382df01a18713d8a986728be3279c3bf7d383949329c03c8bff49ff7bb43c22bf70b449f15ea42f429b3b832856826694bee584b5e6519f8a251350

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
4eb6d6e860f08916be475af8f47cc583

SHA1
a3b1e15d5e6a788812069fe68840f689e648aa7b

SHA256
4128aa44e6330220756dabe08b43cae8b72ff2ba55c2063b71eb2ee072b0eef4

SHA512
97fa7044ebb6dba06742f77305d1a23a29bfedb7b7b4a6c2ec85d159b177219af828c4416ddabc81d7c338187b37d3ae46ff22b0b507d84775acfffbbf5d87e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
b8849b04429fd805330f4e53f2582e6a

SHA1
9a979840486eff4114f55c74d3c54341e5027740

SHA256
0c61496c3471181f5fffae3486ef2c48f804ff56919d32fe2904045620409900

SHA512
a402b82e54050a9ac91e560be2406d0456a4dde7a022fe98f228e273b65910e455052971742d1792dc27c53f087422dac002be2ef3a8822f82246e9c2bdde4cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
77facbda6619aa813857cfadc8b9e89c

SHA1
3a499864f994e8973dbd512d75714395716b2ead

SHA256
8d0cfddfb60e83e1edb8732e80323380c8f042ae5893251a33347c7afa177673

SHA512
1dde2448db9527161e15a8166823bc162f57409b952311f2dadf941b79fc4e63930d2179997ee63caddd629e65b0d91cfae8d781b0e92628a9d17886263ab9b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
0527237c0eea0b46ad39aaaa7d613037

SHA1
586162c08683a53c91950d72cf26589acd73870b

SHA256
2667e266d21f8c28e22a4d37ae9fe85547d53e9b91d559420ce9c95997cffddf

SHA512
2efebaadebe5b969da5b22bb4614217f8d6544d0eef4617adbe20b32b2563df51b5b1cad28ec03ff930d4a15c892e44903a60fee5b40f1366ca5284d48a62560

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
1b2d2f3443d43f4b98f3f1f80590134b

SHA1
9d1be47c105d879dfa6e9a8e28513eb1aafaeb3d

SHA256
09dc741a08b6d51ac787ba64676f1aea00ed1ee4007a7a294cfacaea0ccee7b2

SHA512
ce6c137c367544bd11732715c7119bd85d4ca0039d68c3eadb9a52c5adfeaa8cd65fac5c7b89ff95611b72d19d5cbd39b01036812b39b1838046ce10e7e91e3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
abd6ccb841a252838de9508fc4bbbe18

SHA1
7a5a8746bd4eb1b0f1b181f5525aab164138f99e

SHA256
44ec138edfa4ef6106c95caf84d4ed17a398a4c06ca9afa3c5b50394bc54442a

SHA512
1356fbf16280d4f809b0665efbe8226607e24960f935b7573ca6eb8f18e98c5a74194ef9831fb42d1f880564b307b22999120f4e96829cf32be801fae0aa24c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
f048b1974298c2931fbef92db02c464e

SHA1
7af27dbd7ea9e51a122a33b73a13c5522b219abc

SHA256
e1be776ebcaa7336c0840bd5b6a2a1caf84a136131a9d332afb70b0502b598e2

SHA512
556a957eb70326e6e6823ccc51edcc312e261d01c02a555ade9926726cf4d3cda9c3bc5eea500417d804d2a3c9a43781e07502a546e13b5b39c075b063d7c590

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d90af1e98849c6357a3c105928400bb8

SHA1
c36c84e37a20f3919d67b6a71f9aa21cdafd78b0

SHA256
c941ccd8fde97974b7b7b11d2e911bccee6a7b43e805d489e8dc24ef19845831

SHA512
e95c3757638308273f77066a4adf8f938f4e74b4085823fbe2086160a71563907f4c9909bf0c1b3e5d4858b3c726a32dcf2330d9c623600aa9eecc9cb148d261

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
472a613fe2d525ca96c940f35f08bd3b

SHA1
07bca48a95526a6d6bfc7bb2e1b57900db88ac51

SHA256
4017873047048451054348c707782036a72bf9be272f1fb6a5062d2f5b7d1656

SHA512
76726ab41f3fa7a1eba60039ea1a64938fa9e9fc8c07cdb89194ffc829c258994db0aff2a7b5060483d0706bb35a4c19170936a3f9e4d771886af313d11bc8b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d9cd528924ae86f4aeee87a948062d30

SHA1
0ad7d11fe8fce23aa660225d5f7678ea977a2fd8

SHA256
53463f9d744421759340a10bae12fe495fb7bd02902310ed6ec35683d7ba83c6

SHA512
6b24c5c9f6e193ee6a09dd939a4fb71cd5265f226df136a6f64b4b88ada65a706d69cd7e31d09530e9806fb683522d7e254a2571fe04c196cb473fbd08d3af49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
9c9dab578e9f2ace6d6e20f07c5efea2

SHA1
496e6dfe59de11432517085b12ce9e17c1ff527e

SHA256
06f1ba4bf918b1775cab550a6c83fa2e112f2963ba21b2c1164307878d126b14

SHA512
0cb89381c9e0959c0f687387ba5fc8032b227aacf3751924fc8c87fe5cf3051f61ee1f52754841e9000078be217ecdf65255e41398808ebacfd4eb34d2002ed1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
042dfacc119959cb0f15bbb305de4c4c

SHA1
2a68bcbb91e0ed48ff352f53b89982e1f5c6ec21

SHA256
427b17a9d220c9316a276ad717ad349b94e679eb677bffa456990e30d9ce0bc5

SHA512
d71491cd5da48d3fa2bd86d7c5b0e82fe86aa6ca33be2e3424f149506b1c72d00e2a34a92b90f4cab196603a429a978d7f2ca5cd87762d4f0d13710ebf540587

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
625cce1efb04fe7873084cec15aee574

SHA1
8ab30850bdc88e3e9fad559f8401833231928194

SHA256
21b8bac730f81f60cd8afc05a0027a510028a4a7a5bc2bcff2869611070c4e32

SHA512
e96e69deada331154208a7567a1f03a933865b9b98bc77185f702eb7a21d6073b33ed8fd4c5db57d902218d9f49237112510d3e85f2aab695c2ac7d1ed39857a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
3c8df9b2bcda81e0c0be40329b556027

SHA1
c84074a00b1a7810a45fc2d3efaa0d860ff66751

SHA256
b7d33b8a236c8eddbe07026883247ac619349f15022a8ade2d6274a2477938c6

SHA512
71be02a67b14c459aa5e15ebd6888c77479abbdc2b63e5714aece5ed579211fd18fd117fe742cb9231f4f04974eec01bb523d4471bf87d390f43dc018ee507b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
137d4e6c765ef4b9d6ee7c36fa7bfef8

SHA1
3572cf339325e4202c6d3491e5e640fcb8abef70

SHA256
0d610665c269afac5f0339159052e1ecf69df58d0dc108e3b63355beb8ac2941

SHA512
8f458b37b2056e891b7de63962c47910570430b1cdb481b46bd7b4ca689db3571982979f27f4987796ba3e4955625daf440567396cc421aca1bf53f2d22b9b38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
58bdac59d72984f25660cb25aa9c829d

SHA1
a2fb35df83aa59e93256315177dd7c8c583107e1

SHA256
24c6ecfd1b427563cd06df49eca76fc98f01102d6c2a9212ab074751ed083750

SHA512
d0b5a23b8a09b04b9396c1772d89619539ff34e21c3582b925507761ef3c77a8533fc56a42e79a5761294a9d2fa86266c96cd8e883201d4e53674e97aecb951f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c57d710d493713681730949b97a55c67

SHA1
d28034efa6bfb295419997a236237684d7c5d952

SHA256
0ba1d8c0968b8b1111c03e2d951a8908f9673a0e927c08df5250cbcd8b7c2c45

SHA512
7604f02ff11dd8acacd11f0f0bd423cb7c3b2e6a64ae6165abbf3a82f89d637ddb930c6d78d48f85f6b701ac8ced1d3344b71798e5930122b7ea57ef91bde277

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
98fc37bdd52b8b82c4ea6477c6818948

SHA1
1a434d078171704ca5fcb0eb2e0e75b725913c88

SHA256
36b439d8ede27f1b42db54860dc2dec27c180908e853bee2eedc0e8756cdf300

SHA512
432663385c18085d59a4f00122dd0ee2a3588067c760f39142bdd0d5cca9650e9a4ec3aeedb19994706a480eee8ea592d38293c9b55a51d9bd86a991b95a6c62

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c1cef4a1e8be6448c9c51cb870dd113f

SHA1
e1c11458ccac329a621e354704db92bcc3d742dc

SHA256
d4ac11a1df9887e7471309e1bb3de2cb177978baa40c9633dd19d4cd970bd1dd

SHA512
87bb3feaab19b6aa46f30d692c10f01c4dd3494b15d6782ac77e9028a9d6b1c575703aafe751d5a89b2029d1b4edd220f49f47da5d1cdbf94e8f54391629fec0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d10c0b21e6b5556a12f1e52b5d9c888d

SHA1
6d0e9328bfc2283f25a2b57e192ead3f6532b644

SHA256
e5ad0eebd3b709da2e2a2e2a8dd591a8272919fb69a3267f96986372c90b60e9

SHA512
b2bb2d863b1348195db7195a54961eb264781e17163c071141509de7752520eaf18a20c21db7b996442aff90660bb436b0e758d91203284350ab73c592763152

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8f1ca6c99a29ea93830ad9c096f3ef0f

SHA1
d3f0013b4f0c2f80b66d1805559430778d21e2c7

SHA256
295f6acf5a6160cae452046485b8e533416deb2a29e4356b8df4e13fd33ae8a6

SHA512
c23d40266c85b4f7703e5b27be8cca0519834078d1058f14a134453bdc471c466a7528fed32531decd018e3be2aae6cb74398cb0be6b46afa5fd645f307f95ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
290e93bb01f168adfeb13a2fcb80050e

SHA1
73d27350bcc9511b919e2c36f6d24e703c472ca1

SHA256
3c057d83777cad34afd75a184fd0f647e77faaee8636f63e50519faca2037894

SHA512
f2ce8999054b13d1dd563d12cdd0623138409e3c26e47c805a831699765c228af03be05be45fcc23df73b6512b1c8c9b95a083d907be5e00dfd1c2784f73a0fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
149KB

MD5
b6721bfe1679179c849d3eef6afbbb59

SHA1
ce97846bbe6d82cf204e6eeb69c5a26d86bae70b

SHA256
af72f6101b6795c4ad0c3f51c2fffab9bb9223d95f1f80aa5aab8615a81a8bf1

SHA512
3f8331d149b6a6393a345886435154e87547005a54be76be5048c883b895f5c8647366e74a5cab99a18b961d5645042d757bed4674157c3c6735272a8ed657a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
38f88336af5b7a7d6c7185b75910db84

SHA1
a35596576c6b55a2512895666379092905dbf60b

SHA256
ebdb1173ceb1dbe26b72ec5cd66cb5873317819dc935dacc11c8e52faa871cde

SHA512
1bd6fb010cdfb6249860da9bb163a94fa0aac2647ef7409d72da0219758b472d9b71dced34e3fdc76c527561fa670e1e6fa62ba929c54382b0241ac1f700fdb2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5c4d2d.TMP

Filesize
103KB

MD5
81ea2212ab4d4d21fcce4502cf39c2b2

SHA1
8a06855fae484a0d14ebc2c2ff544144b62351df

SHA256
3f47c84f8b07f2aa755f8045ae45f619394abbfee828ae9156821dc75a2c4c09

SHA512
59576692be8d028991ccffb04f73cb0148ade9f26a002a971d3860be1f5b49796a7d7b57fa329793c136af9db7446afa39265b48479c3c912ba74c61e2ae75ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\a586959f-ad6c-49d7-822c-0271740d9751.tmp

Filesize
149KB

MD5
044ceb366a1cfbc81f598474a427c51e

SHA1
800a65dba80bb56600390432e22e65d7f9b8da75

SHA256
a51192206677cc51fe2f765bec7c4c1dbe8bd02ffef2c4d22a5bfcbe508b133a

SHA512
1d9fee2590ff917b51a3914eb22dae0d56138e60a676358ef7e8582d9e05123e1bca7a0603972ab65271967a4d4150e2303fae8e99a484cc6b4783d1bbc3b6d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit