28a8951194bdf22371b21a6e05ec5a8a6c665030e7e24eb7871d696461da5975

Analysis

max time kernel
49s
max time network
151s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
03/06/2023, 07:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

Pig.py
Size

1KB
MD5

61f5bc186c65ec6936a6c884f4fb4121
SHA1

6bc2dce690718645086ee1dc1b7a64145c6a31c0
SHA256

28a8951194bdf22371b21a6e05ec5a8a6c665030e7e24eb7871d696461da5975
SHA512

b07ca9d80bdabb2cd8c359503ac926a265c1a137ca0ef11d2b5fef5b5e7b01b9345a109795bbdd088a80c45f4dbba17f4ab96cf49ca815871d6b22fc31978e07

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 5 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1914912747-3343861975-731272777-1000_Classes\Local Settings	rundll32.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1720	chrome.exe
1720	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1692	rundll32.exe

Suspicious use of AdjustPrivilegeToken 44 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe
Token: SeShutdownPrivilege	1720	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2016 wrote to memory of 1692	2016	cmd.exe	27
PID 2016 wrote to memory of 1692	2016	cmd.exe	27
PID 2016 wrote to memory of 1692	2016	cmd.exe	27
PID 1720 wrote to memory of 1056	1720	chrome.exe	29
PID 1720 wrote to memory of 1056	1720	chrome.exe	29
PID 1720 wrote to memory of 1056	1720	chrome.exe	29
PID 588 wrote to memory of 880	588	chrome.exe	31
PID 588 wrote to memory of 880	588	chrome.exe	31
PID 588 wrote to memory of 880	588	chrome.exe	31
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 928	1720	chrome.exe	33
PID 1720 wrote to memory of 828	1720	chrome.exe	34
PID 1720 wrote to memory of 828	1720	chrome.exe	34
PID 1720 wrote to memory of 828	1720	chrome.exe	34
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36
PID 588 wrote to memory of 860	588	chrome.exe	36

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Pig.py
1⤵
- Suspicious use of WriteProcessMemory
PID:2016
- C:\Windows\system32\rundll32.exe
  "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Pig.py
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  PID:1692

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fefb849758,0x7fefb849768,0x7fefb849778
  2⤵
  PID:1056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:2
  2⤵
  PID:928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1452 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:8
  2⤵
  PID:828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1544 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:8
  2⤵
  PID:1984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2200 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2224 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1356 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:2
  2⤵
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1824 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3932 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:8
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4048 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:8
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4028 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2200 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4884 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4996 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4968 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5212 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5452 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4944 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5780 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5764 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6204 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6240 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6224 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6196 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6164 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5576 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6556 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7068 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7184 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6084 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7472 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7016 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8532 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8580 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7012 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8868 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=9008 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8560 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8576 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9256 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9788 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8396 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8568 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=9796 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9860 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=9912 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=9924 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=9940 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9960 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=9976 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9992 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=10004 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=10024 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10008 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=10056 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=10072 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=10184 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=12384 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9936 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:2656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=12772 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8552 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=14004 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=14968 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=15188 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=15276 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:1040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=15488 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=15784 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=15952 --field-trial-handle=1308,i,6247296830185347527,9198935597783255307,131072 /prefetch:1
  2⤵
  PID:4992

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious use of WriteProcessMemory
PID:588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fefb849758,0x7fefb849768,0x7fefb849778
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1364 --field-trial-handle=1408,i,6320250646867032426,5019740118923020075,131072 /prefetch:8
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1408,i,6320250646867032426,5019740118923020075,131072 /prefetch:2
  2⤵
  PID:860

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:864

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

Filesize
62KB

MD5
3ac860860707baaf32469fa7cc7c0192

SHA1
c33c2acdaba0e6fa41fd2f00f186804722477639

SHA256
d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

SHA512
d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
867B

MD5
c5dfb849ca051355ee2dba1ac33eb028

SHA1
d69b561148f01c77c54578c10926df5b856976ad

SHA256
cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

SHA512
88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a77ee31b7560dd163cb4685d4af3cb40

SHA1
9a73ea397a923ca55610a471ae0b4758e33b32a8

SHA256
df1afd414567cf2a8548e06f8fe4d167909963e19bb46c5fd5a97e62f4d433e6

SHA512
63c4bed181092a56a207c3e31b6c6bca14a05370488a55b8bd804d349098ac904a366293f1f517e4c1e23553d86367c16f57d6a662135e9e4dd0de37da1423c3

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
b3f42e2b28ac97cb2a3b3caee4c73050

SHA1
c9b5dd449394b112a05fe64498b5a5486ce5ca35

SHA256
581145444c1f86afade923d769b7379a52364fe4350b1c995bec453a6257d3ed

SHA512
b97fffccbda55930aca09eb5c523e0ee76a36d63ceef7629259d5ce5683f8e21d8eaee2a94fee5a2888bc98809b306270e40d95286459e6b7f06804aedfae4ae

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
366b2c01b9c1b2ec692ca4ebb837ad25

SHA1
6259edfc7ccfd2e6c2872e567f5039e262b835c3

SHA256
c9055131aa92049c880c9f44c83efad17a6cb51a4ee1272b1277f4eff80ade3e

SHA512
6f2fed96e6811ed1ebaf3568049f4944ea760afbc8566c67e81e6c9004c261ebd2805dcf1fa9a13516da3911f44a8cab307a1c8630336a3a67fd42609d967591

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
15622eaae19549ddc57459fe983c06f0

SHA1
f2b77a9f4658da0a98cd63a603532def228797d3

SHA256
4dbad13b1aaa48794572e6de0621bc7be6c08cfc955e4d30f86ae606a6cc0a0c

SHA512
7d7bb16b6a80b389e9387e0814c7864d5401920c6dd41790aa628936227f63701aceb15fc650b41f9f378d6af32bb7c2bdaf5a9cce14ad9556b463906a9b3285

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7a3750c3cf30dba97bbb3034b264726f

SHA1
61544773a48e091f09f048fd4efb15e9762a6af9

SHA256
809332d8128709c42e14eef0856b7ab36e74dc817ce5d8cd777abc75edff50ad

SHA512
9886d456f0397f6306bf880bd94054ad34c0c5ea2de1dd87ae3b57c0a81d3f2f3c49a1e9d358fc798957bbcc1cf5acd1ae0a8921b9905c9e3af4b33f843096be

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
51750bd5013c59041e42166da900dfe4

SHA1
23f48a8f1dd62324c6855a92558ce671447a8b82

SHA256
8cedc1770130533d62c6c862dad9764765927df5872afdf187bf1ade08088ea5

SHA512
9718922dd03dbf0ac7f9f95a6f751cc5eb240498a82a77e4f8fd6cac7ced68721970db996df7354aa172399575b33ef49cd2750677ac0a78c36998e50c8c82d7

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
665e3f9ef7950cc7028a8fd785081ff3

SHA1
d89c87c5a42f41b5fc7a132e4255c408be428141

SHA256
929e21547229aa0d125912286f8c1b6c54daf260f2f8c647d497785ef0525196

SHA512
c675ef730ef207ab342e73b0ea17b0f51c2ed428e2835a4e8578bc7e0332e23570d8a8d69702aff313f5455f4f7581b0dcb2c65c5e3246e6f4d8d8e0d6212a9b

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ff55234536308d14ee2d7880c093fc53

SHA1
81f2dccb76f257c30083ac6f752bf0f24ca9bbf1

SHA256
f5ddabbd3f4d3a573b600a538ea6480559981a54cc9f4f6fd0ec9f8740d6ab40

SHA512
00671bdc7950a7d320ccefd690c2a97d5e764bc4b4e536315ee4c96ce5eaeb4e7c834c5676d169f139afa3034dbb0f5c8f12939d1318c4c7f404593e0c1a1739

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
e2f18676384866133d88f4b6b874f3d9

SHA1
7429f28b8e9055d578571a3d90deb6a45a27fda0

SHA256
c1c0879eae40bde510b4a17badc724ed3f9024a28bcd12db8d120ade08a75eac

SHA512
96050516c2b479c24fd2230a47bb19e78d2608b538ceb276986eec0cfc115c97d766df8d79855464cd2e0b3ab4d040bd1f1ace83977e1a3e9497d15d1e76a92d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
5713b0ac56ea4e85d407d2e5110055c3

SHA1
d90afc13ad4577165530539189cb727bbe7b4678

SHA256
6e9d4d8f73ba6641e2cc1c4f6e38ce9034a8342b4ee2362d2e9848602bbce635

SHA512
c390366f7e497a4fbb146554f6f746df43376af20af8c82a702de94b71aa7f83d6dce85c2fc7b9d887a1c45ed1875786e054c492d89c5d28a1f7a654d92dc2c4

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
faeff2a3d7665ab03f0a370c06961883

SHA1
b0d0e50431d9b35e22043987d1fafeb93cb0f6d1

SHA256
72deb90f2b7218b216fa9cfcd1f4cd8e6ffbbe46fa1d003a65f9a0e987dbf6c7

SHA512
a613a3dba0208849e149c4f300f1b3d7785c1a89e39b963bc5437a5b45624d5e214f99e02fc80e69850b9cdd6c6479bbba8288e30e950fd7e9eeb256ed13b24d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
1ce8fd5dbeaf1df58e73cd57b8b24bd4

SHA1
90fcc1c41821f6fa59fd46f4b9cde1aa4a1c4ed6

SHA256
3d6ea2d48d3359b85c3d6a336f6d4a6c7dfc529e3cea0a13cbcb1b7128caa358

SHA512
90f2484c1d0fcdb129970273adf6bdd21c1030bfcc51e771c8412dd8ff8e4a18b2f50be6fad5c018179ab9a60ec25b88a1101ff31f8d615b2cb2d8be6930b750

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d3eb3f960e84ae2e65e6798c03c66d93

SHA1
8ab18000e4770e49b63df859e70200dc36895197

SHA256
af4605324f4ff76f0833f4e4da3062e9c526adbe49658169a7382381d4491265

SHA512
8a4110d314d1e37f80ce2d86722af118a39a677194fa2059e5ea6c2b6c209223ea2f5d6c5802bbaac6cd5de7e465150f35232c51a351e4f862a47629361d09a2

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
533210888dd849264692d38b0903e0dc

SHA1
5c1ebf204f4bf8e1f0ca21f43ec7ff03ed4aa8f8

SHA256
1bdda935ed6ac4d361a1cd702d12a5554893839076e07a1006476a2f6244bf4c

SHA512
f92c9d0e7f47ccd7c99c5e87277e00f658203fa6554ba4a07b0eaa60f1adcc527e13fee2ffa857fe3d16e3fa2e26ebceb49d90d7c9f24d3c5915bdff5f6c611c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
323dc32f439bc2d36ca4ec6436fea671

SHA1
f8233c88bf9d66a33756a152cedda47e98e7b594

SHA256
5eba2cd30c1967a219f057ec098ece4ae048d5c81a71da99e2629681c4dedf67

SHA512
4c9b7f7d36d3f7d6ae40366736dbdd0274c3da64c3a4d814f5255fdb009e4b4985b4d5e47271f768b6e4f577296376f90065f8c8429b83071743e19190f86352

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
c7eebdabeb257d2a4e4243aee0663b56

SHA1
f1698993009778716a6bbe902021a33e22b32d8b

SHA256
ac29c1ca0c86f3504430cb15ae43785d9a0db69b07efab9d684427300b57e918

SHA512
a2be7c2caadacee8174f4983c8d20c4d291286c724f663e24e3f77e1d0d5a53064396678d2c1956363531664f75aa1a90ff87ac54994fa814812f5451806314f

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
487971bc4472a91ba2985c1f489e4b4a

SHA1
c39a34e2983b348c2de06b741419f2ab03f1304e

SHA256
13d1ac0af89e1a15af1a6b60618065e1c0b840699b946b23ce2a8b6676efc298

SHA512
b80bd639d131f120c87096f0492cced270e6c2a2550777d11b139faed3e31354b6f106970293dcd9f83c83d5e9dc0cb654b02c088aafe918b7a7b7f28643b4b6

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
89858ac5c10210ef5004edd14e30541f

SHA1
01be26c913030c6c9dd16c8af88ca0ac0f634bbf

SHA256
ba43e8dc69c4f0c6af35e3e1d4a2cc0a3089f7598eddd4f69521eb479202af58

SHA512
e736e4e0e9b821d93e6f2005a387844d02cad3a2ff74e418cd55d17ac00ed9cb8cd96caf089ce745caf1523c59e8bac3b754c3a66fa08a42a0a0c9d4129a7d6d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
27096c40bc96da4863c965d8336a6af1

SHA1
6d6202bad74624d7cd131cc365f4aa9b1abfe71e

SHA256
0e709a8ea8179cb89dde9ad7098bd405a18948d38ad1af78fde950420852dba9

SHA512
d5afd90227e03fc40a8540331afd99ed60a7b01fc7040f20b811aad2cb66c7427ecde510bbb5ad783c8596df2faa217d2d3b7eab5a75bd9432bdf4855d98837d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
27096c40bc96da4863c965d8336a6af1

SHA1
6d6202bad74624d7cd131cc365f4aa9b1abfe71e

SHA256
0e709a8ea8179cb89dde9ad7098bd405a18948d38ad1af78fde950420852dba9

SHA512
d5afd90227e03fc40a8540331afd99ed60a7b01fc7040f20b811aad2cb66c7427ecde510bbb5ad783c8596df2faa217d2d3b7eab5a75bd9432bdf4855d98837d

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
9b09ed3f091402161926e6608d643f4d

SHA1
c40a3616c91e6458b43689567919159de2a1c1fa

SHA256
678fa8fdd34d894efc694058c62bed9ea7ad2bbceb451cfc28aafbd9db64b373

SHA512
42987ba1713db88f9f2a33ac1450de242db170416d2526de2785a27006abccd532c3ce4de5dc01447b8124fafc63651cd60c3a9858b7e9b4fff056603f3efd4a

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a9b4d8b1798021bf65b8520129db84a4

SHA1
eddb254986b3dbd6049fc239672d9cf186758067

SHA256
f9d88ad18e2c99407d50e0b5c723684d552314ce0742b2578aa52f7d14006e79

SHA512
b97e95d10013ddd758128410469d06c6e732f671e6990c034c3311097a7ca885e2269e68c4a90b5d9cf874d035b477170b3ca4cd07d207dac778b1c53c7d2b11

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
f16d71ced433e99e3c7564ab207580ca

SHA1
9572f4ba586a7bbe377808e44946cb77ef4a1d04

SHA256
ab8e43bd9dd305851b278a767f48daccb66d21ddee390bd4234dfd4ae408b6d5

SHA512
54b97f94be9a58421a2bb161de95c55050af903fd20398b8619ffde9d75bd9ba4c918de5acc6d1fe9c14f3025d5ebef1b420e474e1e30b5b28344bbe387929da

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
264b6c544843e9ed7201bdc4528771a1

SHA1
b94e60a51a29fd29a63737321dd50ba158554752

SHA256
2d2ca675f7ea7e0d59900b6e0c4936ba137d356f47b08723d559277152173f37

SHA512
d758196b3ec28407c05924cf1eded56c505e6fc376253bede78b358b6ddf39dee044f71c28e71cdda4790c22343170f1ec3ff3ae9905093ee64b658fdaebe687

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
ede8e4c1a60737c18e2c65fc3b744a29

SHA1
d576f49ad8118e17e9fd6b30aae78c6b992fb97a

SHA256
2ecacd444d811c66119d89f0e72d3db7429233e3304b7386af5b448622cc2ab5

SHA512
70d1f288ee7516abd10e47d8261b98549cf173d3d80b48870d8eb079171a9e7e94b69ee40cf0a48fb3eb22defc24f7dd518fe270e24c90436ad3692ccff3f82c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
03a448bfe3f8bf2fa4c4b5cb29036e59

SHA1
cf1efef9784764159a0d8c8c6083e6281488ee0b

SHA256
0ae28f9c6cb9f9a737b5f08c1eaf0b0dfddfa265bda6bbaa7cdb2e45cfa2a516

SHA512
99527193b5e4d1fd12b34e760df15000043561428e78e5031b69b245a179e4ae7e76b300f5f7615a155954cb9ef0895ff45f34feb5660a360e51fae20da29069

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
efff887893f3114184e32dbf2e9e8685

SHA1
b4085e716a7f62a4461daa7c50be412b60d8a512

SHA256
0b5fd165f74203d77476e81ba70b2a2e9e7fcdb4c29c27f7953b156b31708769

SHA512
a1960bc61ae1c5e48e17e6a44497c1ecb59b408ed3d23c1b72eb07a3ba17f76e8b67ce9860b79be816ad86f958276f371c27abba0c0c542bfbca29be94a04113

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
a820b0f407f459c76fc9fa45a7a6d554

SHA1
812ce642f87de8270349ad079c17339421dd6349

SHA256
89d13cbdfe9d885e97421e31b14b750d0e44e8f0f441da61ace6a1bbe28fab6f

SHA512
909cf34dbe5a03147c098cdd1b33862bb0a7de8b60429de9b908ef1cfa84eac394c6a2dd4096592864ada92813d32f09aaf39b590c9d77b55aedae73fa4dcf8c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
79e366969d727a50eb5fa8864a29418f

SHA1
81e42b60423ec17f8626b42d29d36fa051cf5542

SHA256
7bfbfa86453d17e47faba8d444601a3bd55ecc475c9f5c8d5fe83302dbb535ba

SHA512
f80224adf9bad827a3daf39976061791b60b40731dea81b82275c2b7ea7d3852e3da448f43fff88a952872e858fb1c4c39420e8ce28d8eed5db10869a6b1c0c1

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

Filesize
242B

MD5
24e4990f9709e76797390491e02a513a

SHA1
68acf0407f5ff9efb845824749c26a278879d2f5

SHA256
6487c274995c9b4d9738060603032a68624f2345edfdb2870e2a1f77afa8f72d

SHA512
ec1845a7492d83071f891ddbb7e16d059fc314636a74bd715a1906af4a37a8f46fd852718debee1b35aad39ee024213b67e7c4c7127c50c534d98b18c93943d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\451d57b4-e423-4535-b20a-233c5ceba0fc.tmp

Filesize
71KB

MD5
a79ff81716a84ceb8109e129f57295c8

SHA1
e173629ee1886e36bf042022db9a5384de1f6c16

SHA256
ef9b1dd58fb5d5116b37d28a9b45b25efbdc50722d7793a706d55009864b7bca

SHA512
7f36dc1b606f79bb93ced36abb44b8f0e5b00faff2a61cd4562b7b9ef32cb28c08d744e2c7fe840daecfeb011b8c4e4648d9464eb0dce5753bf0cba6a51b93d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
ce02c3a1c2e2258c20b1dd34b4a59138

SHA1
90b58959a14186809ae02b948820e46c5725bc13

SHA256
9a2beec3fa05d9df01bdc7e7fadf883071062497bfeae892ab0337f263813d12

SHA512
f23196fa06d28b33455db7be66cca56ea5fcd110c4344725a19a7625ade33b39df1fee7150aa977f6e6ec08c8f5fc8cbff1772b2cb4e43737b6fbf74b964358d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
ce02c3a1c2e2258c20b1dd34b4a59138

SHA1
90b58959a14186809ae02b948820e46c5725bc13

SHA256
9a2beec3fa05d9df01bdc7e7fadf883071062497bfeae892ab0337f263813d12

SHA512
f23196fa06d28b33455db7be66cca56ea5fcd110c4344725a19a7625ade33b39df1fee7150aa977f6e6ec08c8f5fc8cbff1772b2cb4e43737b6fbf74b964358d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
ce02c3a1c2e2258c20b1dd34b4a59138

SHA1
90b58959a14186809ae02b948820e46c5725bc13

SHA256
9a2beec3fa05d9df01bdc7e7fadf883071062497bfeae892ab0337f263813d12

SHA512
f23196fa06d28b33455db7be66cca56ea5fcd110c4344725a19a7625ade33b39df1fee7150aa977f6e6ec08c8f5fc8cbff1772b2cb4e43737b6fbf74b964358d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
37KB

MD5
5b0c0d429185ff30e04c93f67116d98f

SHA1
8eb3286fe16a5bee5a0164b131bc534fd131f250

SHA256
f1a0b957050b529afc0e94c436976326124ed8968183859c413986487623294d

SHA512
6295bcd662325172b15c476d26f23c8794c4f1454e0e8cfd43bca79b45aa03e1ae721ebdada1c52fe7699027fa97699156280ff259ce3cc476e322ccc0337902

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
2d043f1f9d8dcdf36064fffb8ad64e70

SHA1
e0155d0e4cd154522ac802b222fcd4d80d1ed830

SHA256
c49bea4c6cd04204d1edfad43078d7c7761ee37c8d5feeb1835188d83d89f010

SHA512
ef61678f54cdfae4cfd1020a31fbd50a020c35dd52fac94d90f0c4ca076c8e8a2b77328371090a521ac16dc0a773a2d29adada5d5c71e8a7677afa36e99aebd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
efdb68ad482405cccd910f3cbdd6dc04

SHA1
7f8863d6fbd70a084cd0c2b3a322ad61d3c1bd29

SHA256
bd5ffa585f729505ceddb9f95b3f3c25f257ebd4076a5f26d3213529ae731a09

SHA512
6d626c5febf7e023556b3988856fe19aef1236692e8fcd74041d564eb31ca03ffd96ba243ee826f14d2b41f7145774a4c692699e6d2476469d1c0c7c3a542fcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
be9d292a65191b1243d44fb944d4998b

SHA1
5792b13be15d70b611890f48b65a6f4ad73d49f4

SHA256
02639fea5dd08f29bf9ff0f9cc3abcceefb29a899716172ab3a292c4867ddb6c

SHA512
db4f68a85907b1e0f70b6126a3ea46b96223eb8855f3bee9b4f910a7a8e3cf25d8b082ba9951332d7358e5e18c910ce19ededf90386f5c9e384d624ff8ac51ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1016B

MD5
036cbee752927de4809f4a85b76cb413

SHA1
503d3ad4bd2e7b34f48f8c5f67c52d3e6c340508

SHA256
85ff24e200a34bf324e3df2f247f1657839d183324d7dfc12404245dc9fe14ca

SHA512
f3e442bfaa3743a149a0fbdf61fa0f5185d104196a7d0c59782e1c06a04c8aa900a19f61699e5ee8f55426014334c145d0559456814aa02953940b53ac12c231

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
ab09146bef1a6beeea5327909a6513c8

SHA1
4690df977b5ef74dbdca2ef62aaa81a7951aece1

SHA256
2ceaa03b3bcd5d5f507a60c0f5f28e325f9a3ace73985c28bcf26647c58a4542

SHA512
adf11aa3762f9836d91fea46c1c1825c256720b2fd96c867ba4566a41cef5764eb38fefd70de2f3c2ffcfe8ee82054fcaed5ac1c0298aeb27added54b7fada3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
363B

MD5
6f36272a6be4d96c9b1f388836fe038e

SHA1
762b9afcb5e30d367b6c69b7fa4500734860c977

SHA256
69e2961a96fd33c7c35b2fea39b2610cce1c0dc07485337a35c90521f98ca373

SHA512
a5af71e8eb4259236679e25dbcbd6f8fa5db48005ce6e0e45f5212feebee342b9f326d2a42c245063ad96607016f61d273b677d8d7fa20517c849b586276d15f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
addf8caa92835e76504bffbca137f206

SHA1
3835afab1bbd21bde375f8a96d958981d0f755b2

SHA256
78a90a5e82e3e005507b026b518415cc97a637a915ede5b0abfe6218b6c0d2e0

SHA512
aef0581809fb2368c9eac04cf240cffbdd10f11653715391489de32ef60c7ac68041babaa0fbf79e8ee2f64ad025d7b38ece9784d55a1e984697ace44cddb93d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
37bd6f1d80bb942f7fdfd889eb0a3584

SHA1
0b375e2ab173955fd213b74b0dfb8d7020d980d8

SHA256
574fc228acefdf210a0953081762cc2aeb707509d65b6ce70f564549038d4120

SHA512
11e55bb4a48e0db6ab330039e14127e6e43ab67a681e661ac97855a9074d9c13d3b2be9ce920c686347bdd5e4a80b9b29e8ae2d775df1128db67772cce4946f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
59d3885f042519baf3f12c265e899eb9

SHA1
a3a575a405731722dc16c2d64f2b792299067d50

SHA256
a1f689f11f94c80aa0d77844c669b0532ab8b793550b17ee482fbfbd1a3658d6

SHA512
ba1a340d98f7e422c63507eff0b1d9c5e66ba8cc44c9a089d73ac6bcfb66e2b5457b4b7da5dff0213265f659fc3371b461b435fdec82895bfcfd11579f2c96ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000004.dbtmp

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
71KB

MD5
a79ff81716a84ceb8109e129f57295c8

SHA1
e173629ee1886e36bf042022db9a5384de1f6c16

SHA256
ef9b1dd58fb5d5116b37d28a9b45b25efbdc50722d7793a706d55009864b7bca

SHA512
7f36dc1b606f79bb93ced36abb44b8f0e5b00faff2a61cd4562b7b9ef32cb28c08d744e2c7fe840daecfeb011b8c4e4648d9464eb0dce5753bf0cba6a51b93d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar6CC.tmp

Filesize
164KB

MD5
4ff65ad929cd9a367680e0e5b1c08166

SHA1
c0af0d4396bd1f15c45f39d3b849ba444233b3a2

SHA256
c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

SHA512
f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

Download Submit