91b04fe7b2b8478fa3f9f5bcfe2f8837368359ac198148a40a18fc45766bb51e

Resubmissions

28/06/2023, 23:49

230628-3t7n4sbe22 8

28/06/2023, 23:48

230628-3trmwsbd99 1

Analysis

max time kernel
985s
max time network
986s
platform
windows10-1703_x64
resource
win10-20230621-en
resource tags

arch:x64arch:x86image:win10-20230621-enlocale:en-usos:windows10-1703-x64system
submitted
28/06/2023, 23:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

redirect.html
Size

6KB
MD5

4a4230fcf49e9ea3dddc22318e86026f
SHA1

ea1ffcfe76f082a5ee0f4ef27ccdba4bb63dc792
SHA256

91b04fe7b2b8478fa3f9f5bcfe2f8837368359ac198148a40a18fc45766bb51e
SHA512

782137b06fe7a62bfb392a714745cd3fb7d60c4c482c3fc6a56cbb05618c8a2ea49ff769e00bad00289447909cf43208ba94f3f64628297ad702cd03a0268a58
SSDEEP

192:dAHLxX7777/77QF7h0Lod4BYCIdaO8Xkj:dAr5HYj0+CIdaO8XK

Score

8^/10

spyware stealer upx

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 6 IoCs

pid	Process
5104	OperaGXSetup.exe
3288	OperaGXSetup.exe
880	OperaGXSetup.exe
4876	Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
3524	assistant_installer.exe
1428	assistant_installer.exe

Loads dropped DLL 3 IoCs

pid	Process
5104	OperaGXSetup.exe
3288	OperaGXSetup.exe
880	OperaGXSetup.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials in Files
T1081

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x000600000001b1e2-2534.dat	upx
behavioral1/memory/5104-2556-0x0000000001240000-0x00000000017FC000-memory.dmp	upx
behavioral1/memory/3288-2560-0x0000000001240000-0x00000000017FC000-memory.dmp	upx
behavioral1/memory/880-2562-0x0000000000A80000-0x000000000103C000-memory.dmp	upx

Enumerates connected drives 3 TTPs 2 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\D:	OperaGXSetup.exe
File opened (read-only)	\??\F:	OperaGXSetup.exe

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Debug\WIA\wiatrace.log	mspaint.exe
File created	C:\Windows\rescache\_merged\1301087654\4010849688.pri	MixedRealityPortal.exe

Checks SCSI registry key(s) 3 TTPs 40 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\FriendlyName	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C	MixedRealityPortal.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	MixedRealityPortal.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	MixedRealityPortal.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133324697938739881"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3592352177-2971570228-3741369827-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3592352177-2971570228-3741369827-1000_Classes\Local Settings	OpenWith.exe

Modifies system certificate store 2 TTPs 10 IoCs

evasion spyware trojan

Install Root Certificate

T1130

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 0f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000003e9099b5015e8f486c00bcea9d111ee721faba355a89bcf1df69561e3dc6325c14000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d432000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f6200000001000000200000003e9099b5015e8f486c00bcea9d111ee721faba355a89bcf1df69561e3dc6325c090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa62000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 5c000000010000000400000000080000190000000100000010000000749966cecc95c1874194ca7203f9b6200300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d431d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0b000000010000001200000044006900670069004300650072007400000014000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f6200000001000000200000003e9099b5015e8f486c00bcea9d111ee721faba355a89bcf1df69561e3dc6325c090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa604000000010000001000000087ce0b7b2a0e4900e158719b37a893722000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 04000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b90f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e404000000010000001000000078f2fcaa601f2fb4ebc937ba532e75492000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 5c00000001000000040000000010000004000000010000001000000078f2fcaa601f2fb4ebc937ba532e7549030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996190000000100000010000000ffac207997bb2cfe865570179ee037b92000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	OperaGXSetup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43\Blob = 04000000010000001000000087ce0b7b2a0e4900e158719b37a893720f00000001000000140000006dca5bd00dcf1c0f327059d374b29ca6e3c50aa6530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000003e9099b5015e8f486c00bcea9d111ee721faba355a89bcf1df69561e3dc6325c14000000010000001400000045eba2aff492cb82312d518ba7a7219df36dc80f0b00000001000000120000004400690067006900430065007200740000001d00000001000000100000004f5f106930398d09107b40c3c7ca8f1c0300000001000000140000000563b8630d62d75abbc8ab1e4bdfb5a899b24d43190000000100000010000000749966cecc95c1874194ca7203f9b6202000000001000000bb030000308203b73082029fa00302010202100ce7e0e517d846fe8fe560fc1bf03039300d06092a864886f70d01010505003065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a3065310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312430220603550403131b4469676943657274204173737572656420494420526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100ad0e15cee443805cb187f3b760f97112a5aedc269488aaf4cef520392858600cf880daa9159532613cb5b128848a8adc9f0a0c83177a8f90ac8ae779535c31842af60f98323676ccdedd3ca8a2ef6afb21f25261df9f20d71fe2b1d9fe1864d2125b5ff9581835bc47cda136f96b7fd4b0383ec11bc38c33d9d82f18fe280fb3a783d6c36e44c061359616fe599c8b766dd7f1a24b0d2bff0b72da9e60d08e9035c678558720a1cfe56d0ac8497c3198336c22e987d0325aa2ba138211ed39179d993a72a1e6faa4d9d5173175ae857d22ae3f014686f62879c8b1dae45717c47e1c0eb0b492a656b3bdb297edaaa7f0b7c5a83f9516d0ffa196eb085f18774f0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e0416041445eba2aff492cb82312d518ba7a7219df36dc80f301f0603551d2304183016801445eba2aff492cb82312d518ba7a7219df36dc80f300d06092a864886f70d01010505000382010100a20ebcdfe2edf0e372737a6494bff77266d832e4427562ae87ebf2d5d9de56b39fccce1428b90d97605c124c58e4d33d834945589735691aa847ea56c679ab12d8678184df7f093c94e6b8262c20bd3db32889f75fff22e297841fe965ef87e0dfc16749b35debb2092aeb26ed78be7d3f2bf3b726356d5f8901b6495b9f01059bab3d25c1ccb67fc2f16f86c6fa6468eb812d94eb42b7fa8c1edd62f1be5067b76cbdf3f11f6b0c3607167f377ca95b6d7af112466083d72704be4bce97bec3672a6811df80e70c3366bf130d146ef37f1f63101efa8d1b256d6c8fa5b76101b1d2a326a110719dade2c3f9c39951b72b0708ce2ee650b2a7fa0a452fa2f0f2	OperaGXSetup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4	OperaGXSetup.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4576	chrome.exe
4576	chrome.exe
4636	mspaint.exe
4636	mspaint.exe
4732	chrome.exe
4732	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4836	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: 33	424	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	424	AUDIODG.EXE
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe
Token: SeShutdownPrivilege	4576	chrome.exe
Token: SeCreatePagefilePrivilege	4576	chrome.exe

Suspicious use of FindShellTrayWindow 43 IoCs

pid	Process
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe
4576	chrome.exe

Suspicious use of SetWindowsHookEx 27 IoCs

pid	Process
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4836	OpenWith.exe
4636	mspaint.exe
4636	mspaint.exe
4636	mspaint.exe
4636	mspaint.exe
4244	MixedRealityPortal.exe
5104	OperaGXSetup.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4576 wrote to memory of 2104	4576	chrome.exe	66
PID 4576 wrote to memory of 2104	4576	chrome.exe	66
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 3268	4576	chrome.exe	71
PID 4576 wrote to memory of 1464	4576	chrome.exe	70
PID 4576 wrote to memory of 1464	4576	chrome.exe	70
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72
PID 4576 wrote to memory of 3764	4576	chrome.exe	72

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\redirect.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0x74,0xd8,0x7fff10609758,0x7fff10609768,0x7fff10609778
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1868 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:2
  2⤵
  PID:3268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3032 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3052 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4312 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4952 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5032 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5188 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4812 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5016 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5592 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5568 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2492 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5804 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5192 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5636 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5920 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3272 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6116 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6336 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6376 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6540 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6692 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5648 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6328 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5848 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6676 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6940 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6300 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=3024 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3124 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3168 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6436 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=3160 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5396 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5900 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3128 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6140 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6292 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7016 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6716 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6684 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6124 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=3024 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6228 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6408 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5648 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=4420 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6392 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6292 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=4868 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=7032 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=6176 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=5932 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=5216 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=5584 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6128 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=4556 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=6232 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=5892 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=7304 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=6180 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=5884 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5804 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6160 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=5792 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=6512 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=4536 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=6704 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6656 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6172 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:2024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4964 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:4168
- C:\Users\Admin\Downloads\OperaGXSetup.exe
  "C:\Users\Admin\Downloads\OperaGXSetup.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Enumerates connected drives
  - Modifies system certificate store
  - Suspicious use of SetWindowsHookEx
  PID:5104
- - C:\Users\Admin\Downloads\OperaGXSetup.exe
    C:\Users\Admin\Downloads\OperaGXSetup.exe --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=99.0.4788.86 --initial-client-data=0x2c0,0x2c4,0x2c8,0x270,0x2cc,0x73bea108,0x73bea118,0x73bea124
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:3288
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\OperaGXSetup.exe" --version
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    PID:880
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
    3⤵
    - Executes dropped EXE
    PID:4876
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\assistant_installer.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\assistant_installer.exe" --version
    3⤵
    - Executes dropped EXE
    PID:3524
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\assistant_installer.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x1364f48,0x1364f58,0x1364f64
      4⤵
      Executes dropped EXE
      PID:1428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7344 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=7528 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=6884 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5736 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:1424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7468 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=7396 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=6036 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=7592 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=7772 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=5136 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=7816 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=6460 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=6116 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=3164 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=5788 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=6188 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=6660 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=7320 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=6420 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=6208 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=6808 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:2884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=6364 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=6248 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6260 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6016 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:8
  2⤵
  PID:608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=5780 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=4572 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=6300 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=5224 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=6240 --field-trial-handle=1748,i,4995628138330607561,12471059787992371381,131072 /prefetch:1
  2⤵
  PID:372

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4520

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x29c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:424

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:4836
- C:\Windows\system32\mspaint.exe
  "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Downloads\BasketballSystem.rbxl"
  2⤵
  - Drops file in Windows directory
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:4636

\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
1⤵
PID:1316

C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\MixedRealityPortal.exe
"C:\Windows\SystemApps\Microsoft.Windows.HolographicFirstRun_cw5n1h2txyewy\MixedRealityPortal.exe" -ServerName:App.AppXqzc0q994ba4dyfr1v6q634vrcqmmq29w.mca
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Suspicious use of SetWindowsHookEx
PID:4244

C:\Windows\system32\spectrum.exe
C:\Windows\system32\spectrum.exe
1⤵
PID:4860

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

T1130

Modify Registry

T1112

Credential Access

Credentials in Files

T1081

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

Filesize
315KB

MD5
29ef05195e607e32ee4ed5051dfa331d

SHA1
5e633c14e3c9f5cf3c374489971bf9d89c5a9f99

SHA256
185458d8f559f7adcc68ccf790c7ab86da9c0577d59b71471c21ae859bc227f5

SHA512
ef99c1e291474d97fd9c030ee8f9d5d18aea24f05b1b4bbff148a3ddd16cf8b42df9c250ea7dcf8c5cea37b6eca259276596b11484eee9f2e3d1cd3a82033c94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
81KB

MD5
e6dca0408de48f951186e06fb72cc98f

SHA1
75f46862ad3a3b7ca686bb6d316942d63563fdf3

SHA256
d36fb522eea422ada393cdc6b1c60786fbb2534d938252efe2e7b8d0994c662e

SHA512
91f323b183a92357c03b34372e5ec56983adc38ef0560d318d557d6455b5a09ea803e4b03dd54c2b3bacc47c38e3224fcb8ce6bb75075524c73766edfce46a10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

Filesize
69KB

MD5
987edae1041cf0d45c2887f6455cb66a

SHA1
8c467f6d7b8c761acaa50ddf4d30b3c7eac6e0ae

SHA256
b18d4fb20951e267ed35ba9b72a16e300bdfe7286077acb9afbf2e97a4deefe4

SHA512
4d4b2a72f0b25113b079935a186994e9d2cbda85497acb555b7073e395a8eed5eb85743f22cda2c9f6bf6877408d3950da1d15aa6f3ee3a72c23c9b1fc10a76e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
39KB

MD5
8877fbc3201048f22d98ad32e400ca4a

SHA1
993343bbecb3479a01a76d4bd3594d5b73a129bd

SHA256
22f8221159c3f919338da3a842d9a50171ddc5ac805be6239bd63e0db78046af

SHA512
3dfb36cd2d15347eaa3c7ae29bfa6aa61638e9739174f0559a3a0c676108ccc1a6028f58dad093d6b90cac72b4468eb1d88b6414339555c9f872a5638271d9c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
214KB

MD5
dbe66fbd0d7fb90e517678970b65861b

SHA1
4191006a64971cdaaf5b9d787673e3df1a44e46b

SHA256
287f0f3f05eddecf2d3dc0fe2983078af2880414dc779e81f16eb9eb5eb049d5

SHA512
1b44ee6dd9db95c905c3e199791b64cc8e596664e4f22a16b2f0f775fbae0b48c79df09b4ea4c937ab3bdd43103afd462e1d4f0c9876e6049e1f858754752dfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
496KB

MD5
42d0f468af39c6b15a64fe58fb3934a7

SHA1
97d3b785ca659c77e5e18d0179b4212a8656f214

SHA256
f3331c22a89ac2f49ba64e51d73a75af44cfc383a311e065c7ddb68a66c0ed99

SHA512
2508305f959740de72c7885ba95f02d306f47f85dca425bd6aece1ddc753859d9fab65d8034a553750e31d69fd49b026d4f4df9fb9da4dbd8478d8a74bc5e07e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

Filesize
143KB

MD5
de3ebae57136670fa9580d8f37904739

SHA1
196b0c71f72bf8b01f73c815558c46a4b78add07

SHA256
8b074665702d0aafcf8135b5e70fc2003d3c35e66cff903ce06d2d37206ecd1e

SHA512
3c1ef7a2734e2da60b4a44263ac283f79150d17fae692a2260c36c38d0098c7f7296960e8faf361350b98d87108b6536ca0d5923320b0fca06c12ed93bcb7cbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

Filesize
47KB

MD5
a7dc00df99d4237c584e7b79c15ff92e

SHA1
8026bed095a799d47d9639b780400f7c393f916e

SHA256
624fb687d117531a2b5c0a855f29898e37e542e079c7ee7b4daa45a16fd71f25

SHA512
f53771db28b85ce3fdd8715ea9b7ce17b2f124a4f42c4efcf3ef6b886fd406eb823c054b8aaac28468f2850d93619b4e486450249ff52daa0fe742f7ff477d21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

Filesize
19KB

MD5
03797edb92173e883753e8272422c35e

SHA1
5e2b0d8ef26943fbd810e0441258c6142eacaf37

SHA256
173f7806e63bc4db2fdac01080b7d08133f2206fa3c66200a2ee4920509bc490

SHA512
e6f99ef6d5762ad0972d210f24535b1891a4893fdd91ef13792cde52745066958b4b76e5b51164c66b5e0227885a00ce9735f0f6b7d49a96daf87bbfdc1bbed3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

Filesize
61KB

MD5
dc96750e60d7af7faf76d28f433128f3

SHA1
d663883ae878519f7db2895f4a725a5b05a053d4

SHA256
18239e2a3b032cc45d945583a7e664dfc73c68f437af8d0583ce8df8b87e1336

SHA512
fb2fa0892ad3c5f153b40e8ca222408ea5b3235c2f9d2eb3708ae7600f31818d6104ae067cebb38aa3a79bd0b7b7bd4d6223f05c50a9a16b88faf2ef89996263

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000074

Filesize
53KB

MD5
908f31d9161795706460bdfe9198329e

SHA1
be109906a6f29f66183eb3279a5c10341104f928

SHA256
144d8ca174b9d23cf9c86310cc8b8389d3c20959d13cbf68d5686158ea2495f2

SHA512
95732f15a85c1b4221fd040941472c557a236d9cda760a3975db33eb0e1cd81994606de76563e8913ff15ff7b8c247ef4f891205abc1b3dfd6157d910637eb60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
746KB

MD5
ecc4e9b8b4cb587072fb22b7691c2c81

SHA1
21a1518fe2e5692d0f99ffe5b43017222bed3da2

SHA256
8004b474242cbf2cface2bf00755e31249daf4cef7ef0c873dc0c78dfe247bd9

SHA512
def991d8a71b8e8d469ae8cf29188cbcf648508017668510d89d522ba9c9dfbd8eb505c42a0f49cce7b4b6eac9f0fae462ee4b31e3a0007b6c01488083e964f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007c

Filesize
46KB

MD5
0e82f7747c69e9295b03f701c8a6c0e4

SHA1
3e09b3899213c9a5396c6a73156879c6d67607f5

SHA256
7390151942af8b456946422b6600266caf06a0039c2499e298280a133d7cbfa0

SHA512
2c33c69811c3f56532e0507a78a33175da71691b02de2d7e039424680133a4cdb023203588b12ed2954d4afdf498000f9dbd7232893aab2696d6bf3a3515c398

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

Filesize
32KB

MD5
79de31aab2cc02400ede74ff44d3e875

SHA1
7f5b7d68b308f2c38084a3a8900aa4558e923aeb

SHA256
511633e530201b9702d0ab823022b800a334bd554f5219ab5fda7183fb68fc43

SHA512
6f3472e8ce70071fc94bf859ffbd3e6c7a49c32342610cc920673f6d423548016def97d647e95a229ce53534e83f18da6cbc49c764fe0791f0f148477299cc05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
52KB

MD5
7fa31806e30acff6e09bb8945e9ed328

SHA1
9f080fb66e98a60260f20b41e13b76cbdc109c56

SHA256
19489cef5c8b9d00ba83c457007c68160a7fdb8cbfb8d358a988fee8efba3421

SHA512
e82712640a3a4a1f1438096e9fa419d0347cc1e1a4b6a370d3cc463ca13be3911447412705ae36149241a0f5ebcccf21e29cd9ebe25f750e34758430f9e5847c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b

Filesize
52KB

MD5
2065d1795c93f1b75337fd4edab0b178

SHA1
5ea39f6b988ece42dbd381f84a120af199d8e349

SHA256
c7863b24cb7ecc14596e7b22f54fbfba62030a789047356a52969c561d0e067e

SHA512
2df46f6312e84ada4f609e3f49477d26a61ca11a6273da7eef59a8471023384d6bed5516dbcb5fba954c3fc17110007fb44af16d6caa1063e04381c26bccf5a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b0

Filesize
93KB

MD5
9aa1d9c939947a1437c383aa478c332b

SHA1
045bd532161a6588e7a55e3db6b8113e2113c43d

SHA256
a5e79f61c3799f500d962d9237a89c174facd32605456b05d735ad652e2bdc33

SHA512
3c8935018ccfadaee0df0672a9d1eb1fcdb5984e465834739cb8a59e0079944a4ccaddc19421029711bb292bd8b43e8f68627d9cf17117f0a4a3e1c41465682b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c8

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fa

Filesize
65KB

MD5
197baa827f9fb4d1466ec925162ff748

SHA1
c049b87ca8b9b5ed8b3da884056b7cd7645dcb64

SHA256
9e7b2e478dfff4c3e88518b7cea958b3913e809a96abb9c0aadcf472ee48c62f

SHA512
a23cada01d00fa63d15abab56ecd1e5a3a820a4e028bf5356d84d81b6c8247648e7ab521e9be6a0c42a225c6872d07e8d700d795b5845f13768d7de190f47516

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fb

Filesize
66KB

MD5
bbe66786e8c9957c3e5311dad0047a15

SHA1
41ac837791e470d3227ae4a68782cae691bf3a98

SHA256
fe0f1d8b6263a16c3c6fb03fd592d88984f7f632761ec998048e4385388df4e0

SHA512
38700277be325aeab0d23090f08ca371522637a2d886da0181d6d12fe0d48b0ed26f6ae47e4137fc1ddb522587f99ac259298a3f73bd21675c23b39430c3fd30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fc

Filesize
17KB

MD5
28198516e5b385b19bbee4fb3dc290f9

SHA1
ec4e9ac07df66a540fb3b15d70c6135a279170b3

SHA256
3ced3f556e65561203347082cd3c41f2dda3ac93e2b449d553a1dbfb9b73a1e9

SHA512
b61fd3767488cc4232da87350f9a0a8da08445fb84430cbb4e222b4eb01538dccbc5695fce7cc2dbbc45c3b83abacf708520da9d11786d8a5b6eb724d677d7dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fd

Filesize
17KB

MD5
03a0aa43ae83b56ee544acdfb4aa1cc4

SHA1
d1d9564adf345103f9641de873c56b4772217754

SHA256
aa5a5a7aef18ee566c2ae611c7e7a23d61cceca332684e3f3d2bcbf7c4bfc886

SHA512
84d6c90cb983479bf15c77484758e234f12f5c4d59c4964a05c5241adcd5c6f7a0d641a7efcfb6c8bbcbd8c5e8f1d4dc0c62d28b1f70985680fc74018307a487

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000fe

Filesize
16KB

MD5
3a92ec2488a578522056ab029eeb71a1

SHA1
7a438d516eb50dd912d6f8dfae11057368866696

SHA256
d56fec2159406ce1d4e284774fd1ee371018f131e28aa303ad1675edc76f20dc

SHA512
cd6e5acdcd6ef9664eba57c4d4d591c784316bca0e5f646d8459d632dc9bece95bb254aaefa80f27d828f3d2ee0cdd20c93a197d7c1532e36c1639513f1f5627

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ff

Filesize
17KB

MD5
2397b37ea6ab368a1f367a9ff37d1bdf

SHA1
06126aac175016e82ba35e072cd251625f890609

SHA256
ff769fa64945176f409bcb7ebe92a385e9f9f1b11ccb095a14384dd209127011

SHA512
435b0e73dd48297d250f395377cb2e8944b07461b86dd22231968076bb579b30c869599fa2f9096437589ba1156581387d6f6d88ee6255fc7f3c1aab89909cdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000104

Filesize
63KB

MD5
1f6cd19e8d48c895a3f377823ffd386c

SHA1
7daed41ed2f75c42d2942c9c24382f3187362461

SHA256
b8a85a456499514db113e7a6ce2abc4072883f827d3be5cdf348412c5aa894ae

SHA512
a81c8ee7f21617be3e906b3bb8d8880aa807320fe31223708db441f4187d1963ba59d8646cf68eb2cca7acdfb3d28b8fb5217b849f1bab7bacdb8242f801d72c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000106

Filesize
77KB

MD5
6d4aec40fbbe1710d414662a66bfbb03

SHA1
f04e1201caf088e4ba205a855aa112fb5fd5e172

SHA256
c0c68aa97f328495c23860208afc1ec825efee685eb1c7cebd38d0bf23fa26d3

SHA512
167601c63daf1c3370dd95edf8208f39a10bb9ed43edd6e8dde931a51c297cfefdbd76b793f894053500d19e612a1a03db8147592a980672e6102c5f077b7b27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\122b2ffd324fde5d_0

Filesize
260B

MD5
3d7e7ec3d9a94084486157f66baf85ca

SHA1
39703a88c4edf902e910db9c28e641714016b7e2

SHA256
43508e85ea2f180384ac609a4fc7bac484f5ead5d600a95a0f1c0bf649067e65

SHA512
38d3d556e5eb4c7b11cc864fcd831610cbc113aae6da1a0b415e1bb335eb4fc4a70038f170e1066ae39258c1bb0f5cc76b42c848454d7e5c971553d9bc1370b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\209eda720c89b6bd_0

Filesize
2KB

MD5
b0d16f49641141b578e3cb382c7dc85c

SHA1
8a2f914f0d22f9ac66300a43530af7cdafe17f7a

SHA256
61415291cd4f4fbb2fbdfd74bbe6580d4e38d2cf6c28c5ea5ec5d2331b2e17aa

SHA512
ba7c448ab0f1937ee6bfbda540083df89dfacdf977f70938725584ce4cc1385ec2ec1722ad9ee731f8d1bf1c54b278377164e166b2333a1633677e6f38c0e5bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\260e97465589dc4c_0

Filesize
8KB

MD5
3eb682f4f9f0d9d32ff7f4e4d106c419

SHA1
758b9e76b6f0c2b6a51cbbb4c3de0ff1f199068a

SHA256
ae923f1411de54ce430187ee5b657fae0d1cebb62a91c164ddbfd429b439676d

SHA512
d10d94533c4343e90e74228f9b78633f2fd86cf0d5f5e95e8e11f85821c7e4141aa42938162c9bc2245fdae315585a4d3680d0ebd976f678347ace4cedfa9c61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\28ac61c74c00b146_0

Filesize
180KB

MD5
62c9077f5fd8f38417c548b79a755da9

SHA1
fe14ac09d08a252f9324e5f149c6042258386105

SHA256
95f807dcb57041b1bb4481ed23cbbe7485b898661847d75177e628adc36f5481

SHA512
2a6a8f60d528edd890b6b573016bac7debda6366869501bd1cc1cc8e521bd9d868c5eb89bd508a025a014b9846e38177a30b7ed822da1215e51bdf50e332937f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3c3d1de882d0a372_0

Filesize
1KB

MD5
110af8d1dddb1a876bf34f692330eca0

SHA1
829f19cc39508ed2dba0c7b25afb758caf7d99c6

SHA256
b1d0c135ea3a821a47443cfe21c27b860a0937abe13f404116138f31d20306ef

SHA512
559e20e23967006e55ec474bd914b0fe4e4ef3db26e59994d487c3bfb8041961dbb05f62f6dc476a6539c35067d006c5f4b8ed1ee50a647c7861a76deebfe098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41eee5da360e5403_0

Filesize
197KB

MD5
10e8ec700657fd1b5065a8bc98a1b3bf

SHA1
fbf1a6ab1284d2d0773971122db078a4d78f7224

SHA256
a9ff813c61b57343f80781d5445258107284cd1cf2dbd2387d320771086a8963

SHA512
d5a775ffae269d3dd1f6359b9d80f41f0d916a4e4b98ad90541c2dbc102f34d7be725e4a018e710d50b70ba06c737b674240610d1eb0825cab7baff628494224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\48d28f7ecce0518d_0

Filesize
1.6MB

MD5
4e71e2709588365acb38d82c8700eb91

SHA1
69d78faae073c793793a226655dccdccec54f95b

SHA256
af45400c8e33cec165e905c3f148e7edd74f74ddeafa35040b5f6c19deb1b5f8

SHA512
ab93c3afd3f997613e2f1455334b7b6b37ceb04d6092eeabb524c57f2b4d9ee8d4ab6c0899c30d7e4cfb47ac54bcaa33207a8dace121def26f8e01e02aa80899

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\62d4e0d0a35113c5_0

Filesize
275B

MD5
c218fd962c98bf5be4f8a94501309128

SHA1
f2d70c7da588750ef673df14450b956fe7b9148b

SHA256
f93e40be3549f8dd666e199d9b4a1a62b1f33a262326fe7d6cdcb67c5ecb81d5

SHA512
aabe3e823969a157972bebf2d68638db04219fa0e82559af312d53a28ad3d14737dba4a66aec3673e141ac21e6ba592a1aa8196d1b345ba98faeeda74e78b93d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\655e4bef37877cb7_0

Filesize
251B

MD5
b3d744f6619debdf78a3dcc6b5b459cb

SHA1
7820a198760bca82cadd34a8f4dc243b4d390d29

SHA256
49210707be37b958b369dc52df7d6b41ce7e84c3db8b666e52a45bbf5740f33d

SHA512
d02313e0b4d607cac423ae0212ee9538c424f9ae32e7075ed925ff5fac065d9f1f331345166c730ed2232e3e77487a1613e3afacee637503e35baa3166cc440d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7ede62357d87ab88_0

Filesize
145KB

MD5
27fe0511bcdebec8ca5254bfec8f83c1

SHA1
5f325f7d05b77ece5d4bda7827d035b8702c638a

SHA256
8da991b110201feb01a67784b3d91155017f6f4c9f81a23848befc8cd8834d3b

SHA512
ee1ce9111b67e5f61d24099a2217113f5ff22d3ae6633a74e1e39a136b492697eb214fa2b35df686d26f7f479dd8c1356d0a994d019105d84de65bef327cd366

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c4fd3cb248e8670_0

Filesize
67KB

MD5
baa68399c44836b4c21bf4091167311d

SHA1
8c567a575d943ec4f7cf98dafa6461a91ea84a5c

SHA256
efeafea83721cb5a8ef7aac9578713e585ebeefd3f8a3be99fb82abe4125931c

SHA512
0cdb7d2915728536ec469371a719a83824c8b24bf6fdf7da5c14e1782687654cbe0db13c7707a7935ac48725b5cda6e718a984193dc4e70968005660462e7765

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\921184c24caef4fd_0

Filesize
2KB

MD5
f93b9e96b2bcb8d5d56421262d58b3bf

SHA1
1c031f216a73d469a16fbb7422cb459f17de3225

SHA256
f9cb94b6a91ee9e8dab73795e08480fd8ecd679bceebc8f15cc215f7ae06eb2c

SHA512
cb48f236d476c607eb7b9a17dbc193de07d269b7d336f84ef8f1367769ed38fd6b8564b603296f4932d06015d2b111376cb7e32f8e7d865d83729d23b74f7f15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e6b002f56896242_0

Filesize
406B

MD5
8e47a49735481e6a377ae8905edb32c3

SHA1
6ec5f0856f4fc03e9993d0c6f0ddde736e93d67f

SHA256
1e596c5b164a597760607b352ee45d63626a004ed9ccad6a721090bbf67b7546

SHA512
03ef07980b79d54237b4e874174bbfea189094bd77f2b8ed8c573e8a4b85d2f0d3a0e27f909e33e74344d8f736300923fba2da37711755ee45f4dc8663437262

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a13d5a22b408602a_0

Filesize
285KB

MD5
3f545b8e20c18eb9a67640b1bfaa1536

SHA1
1e3f0c09731407dd38137fe7d97a15c89f68a90f

SHA256
bb390dcde4e7ee57a4fc92ab795752ed8c41185aeb8dd1b98359168bf24f47ee

SHA512
9eec80e5174992fc775a56082a35e67adec29696b89800d94281f1c89f813251632d455757a49318cec5e637a2250b80dd844042aa92fbdcf31e7f86eb4f5a89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b14e3c44e165192a_0

Filesize
9KB

MD5
33e72bb53793c784db660424241de2b2

SHA1
e7c44a59e310ce669076f90e247acc1eb1e2dd35

SHA256
21083c597d9e0b5f5da9fc8750e4cbc160fc7436939729c158ace52c6d2be744

SHA512
72a61d2941dec01cf47fe35dddf7ab928657261c16406fbca0b966c9269ea430a1d3ad8ac8a46791750c6b327115ff45d0f25362925d5b710a0382d1329e0ef0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cce52c4fd858605f_0

Filesize
386B

MD5
9f147c6872dca04ed5d160477259d07a

SHA1
e43888aaf6ed9bd85d2ba7d91df0f23d1e865f50

SHA256
31f86dae8303da1cef96271d4a0cb01703f15831aa14383330a6d65b6f82a8b9

SHA512
990969bfa958840ad37254dc03f95715eabcb9d8efb9dc0f4e148427b080e4fcb735e1ffc0bc6ac1ff897b6135eaa848d793bcf8f1717dff014386a8406b40de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f505c75241d558fc_0

Filesize
2KB

MD5
0cfb3838b6732801b5cc308331af45d6

SHA1
681e17d6db755ed65b44539e04324e0c35dbf995

SHA256
84e3bc41547f1497706233a9b94921b4db0a881a324356902fe67f3c2c1d8a04

SHA512
74c22cc758c347122f8c5007a145299d2cc6a6de76007e59e05f3cfff9321bfb134298eafb9b93e1142e8285a50d6e449f8e1d1aeb7219512d8fb08a00cab380

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
029909ffb81ee81bcca3d3f45b78646c

SHA1
49177286072e8bda48ea91f5485d8402902a6ca3

SHA256
10d1ba4823e5a3dfa7cf35d74776874427ae21da41e525bec76225def668fee7

SHA512
b117bb92429c92fb4cdaa74dfff609d1ec85af0c690449a4dc3b0b1809162ea0200a14878ba15d17558a7efb41970275560c50f056f94a26ec2e241d80282174

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
c8681f2a7bc2bd44099205a4ca5ab95a

SHA1
dc3c1ffdfd1b38ac2ffff700356707684616c67e

SHA256
ff4652c1bae720a6988b4d70e6ad99a06883c6ba175bce88e2ff7cd6fb84d471

SHA512
709c8501f6a874d68bfc67ebd8075f8ee3ebc474586616464facf48808e803aed7a0c8eb382dffe3a32228700b8026e06b25da0ec6527f249ffc1b5611e50a96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
379ac5443f17e86d3c1cd3e0a39a0181

SHA1
56dcbf7f2b3afa02c620b41daa9fb3c9d865a9e3

SHA256
6f01d64c8509a30f65938d1de0d615c659e9c1a5d6c66fd1d738b8988874305e

SHA512
143f6cebcd90a750a3782e787c92f49f60870a77daa4189fe9ce116071f2101fb0185fd3d08e8eee235681ba3855eb74bad7a18ebd68ee4c73df8d7acdad9fe0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
ee451adb231950a1b6c554ab00fc5cab

SHA1
7ce388f2fdefdbf5550043d6202c0e984b76917e

SHA256
4e583cb896596edee09908faa9301bd5f8199b0bb6c7b9290bbda358aa47443a

SHA512
ac585274be6144d2b94304a53cb720d83d05befb045909f32c761996f3ed0336640626eb03748b19187cf161d2d7700dc5d558dc8b56cf8815986a9801e4bad8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
f1664ebc4dc73df59752c84207d6e6dc

SHA1
575e3e3d45c7ed746a98c16de1d7fc37e9507208

SHA256
3b19de154b4119cbfdfb3a5c8f42b0beea67bb3ccd2aa7059e4c15153ba5ac70

SHA512
7b242f199f94309585790ca60a099b11f13b45bdfb86e2354bf45608deb56077d01344ef08a7eaf03a5756f21fe5688ed912cfce4e0765cb01209112f1d866f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
050b2675c67e6e2fac82608bafabdf83

SHA1
521b26f2a0d38cd14d1fb27b05e9f8d294e2ae94

SHA256
8f2bd17e91a2fd6208c85f6e1b7170c61decee2629053d1c748ea009a0e57b10

SHA512
de360b7cc2e2d5da2e8eefaf14feda226de32aebda52e750d6a7a6544cbd15466af151311122bbe95e9cda419ade6230c158fc2cfdc1fd230c160613bd78f267

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
768B

MD5
6d5daadde6512a14dae559f4218835a1

SHA1
7f3764f734eed8476bb751f09819ab535d11df50

SHA256
5628f7c3fd2a42ac205e55a6ef72791257e6197d282b096d882686dbc7c09ba1

SHA512
3fb078b90851c512bec329c7ac16c55226b914fb307c74a26a71d7d6e26af0ca9ab45c1b27001d1c2052e23ac897c0861d581fe541c988bea552f707664f97f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
fbfced75ee7479a0c699843adf37d547

SHA1
73adcbf3de2790a0620d9bb5052cc08a2808cf3f

SHA256
34b35869a11b612783bae12116bb2db9e28187c04a594e1b1b9423e70dbc2b51

SHA512
f70fd85cc4cb43f32173a42d6c37907f234f9139111e3eeacf586ffad3cbf9b4c8bb82059da0635e19edc3b472b8d4ca13e9bb900cd8ad068ed506f15336869e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
e313c5cbdceb41a3c2db3467439ad9a8

SHA1
789ccbf06c58040356e120821075fdffcc987acc

SHA256
520031399d1619d5b184d1f103dcd5cc0829e9e72a2f91199da956d0500a864f

SHA512
b269c41ab25e9dfddd5fc6f74cefb41f5a6ead94483d7c529d8907cb53749acae6ecaf228969504aa2cf7af9f12c1e5856e8470643ce223119b07bcd98bc7e9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
7b6a0878ef6f3d6cc2701f454cd3b4e9

SHA1
55756ca16fdc554c9a5ad3cf1a808ce73cc53ddd

SHA256
18e967ca1ab88a71956fd74f667c40c1eb28ead19c5c842e491fb938789fc29b

SHA512
0b6572dd5f8e75787a7f120de72b4eb3de8ecc9d6fdb66e590fd9ac46750e255063d9e450f8ad7258af786c565a157aa46929d2fdcafb829b8877119efa3ee17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
24693512bda5a27c923010a9ae354d6f

SHA1
1dc68a0331b9d5bda36088d5b69412317f092868

SHA256
43e3dae962addebfcd0fd861c1550629f1fbb15e2c3e6b467b03507b686242eb

SHA512
3022a9dbc97325bbed81310842440e9617cd555dbe0b504219de7b048469c2d3f4e7a65c42e9acc6a04313c41e724e8dd76b0a6515f496fa42223ec95406b0cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
fc1d777540f5c37e4691a48a9f27764a

SHA1
68b931b7a7e64faf71dce7b46b2e6554aa892e7b

SHA256
92a38f068db4160dd85265e1725198101e00e8ce972279cce9114e1dd7efae98

SHA512
017219727892a83c2c381ae8e6c2dd83bc152e4a18437331f954c4e875f5ef6076e5c98572b22ee08cfb0610d8fea08cc18f422ca0f9b138a3a46a502fd76b3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
7c7850cc5d399b3ae2829203ed70f47a

SHA1
20356b0c1547955c4587fdac03991190fe089813

SHA256
554e45004d45bf55b8570b3a1820e6e3778f9b76bd4c0c347ffa2a27f293bc48

SHA512
4e16a88f94426d7c6d9c0baa16c2e3e32e4c02e4784d24ac97562a72f47da497ae60ae837f0714c5a4ecc6ce19a0c0b5ba10059619db43379fc2cf0e30c7c1b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

Filesize
285KB

MD5
d32f5994d538241ede09098e637a94ca

SHA1
552d62846012e32127c95374e6e88de2ca82ffa8

SHA256
31fcd748fd0937205fcaba4293fc565072647431640f52d2ba830698aee1570a

SHA512
3877be27a0aff9cb96839c23948e17cde3a76e1a835382c6b729c9ddb1d47dbadb009002bd9bbc90da2feb6cde4875275ecd8b82a3c9c4c75b5207b00fe14c4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

Filesize
389B

MD5
b296acbac75e38e9b8091f1c09934787

SHA1
e1228d644181e4d359da2c925d8624532053799d

SHA256
36469c6cd46c93d8fd906f8995d24d4519d369355d0012281313fa3c9ed68538

SHA512
c640e399800314c2e2140d0c558005f06cbbc854b692ae4b123dc764cc254cd982145353019873a20d3c7fb2dd19e5275431e8a04a12492204fd0351d1e6042c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe5d6218.TMP

Filesize
351B

MD5
1b769f71c2267ba63cb81ffa29271143

SHA1
ef598b654e54fba3d689d36f2378d34b5c7f214f

SHA256
5edb055322c87325bb1506ef324be3fce971a818ccef3615d0fb63e6634e2ecc

SHA512
e7908ed5ee4e7b3e52e4a7ccdcaa1468a41340c445189b58894f11da144fc9eecaef0e3d503bc1d157d21081cc90b7e4357beaa1f452b31fcc7df0f8f12969f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
b5892e2eed5b797812ca99ee459338f0

SHA1
f6d209862cadc3f2c31ed93df31a3c407250585e

SHA256
1e8985e6bcc42d5a5f4b5f8cea83b03eeb3b688903443a8f6207b5a56851abcd

SHA512
b58469f00bb224d9d91922fd39e297be60f0ad0feac6eedeba5750445057d10dc6f3ff9dc4225f3ce09fd4ab22c684dc7ca6313496123d3c2895843fa6fe9b85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2da6bdbc8ba4f1598c3b997f930f6117

SHA1
d2eb758aa41a83f5bfd862ad97f57fbcbfe4618d

SHA256
6bd5140907c77f5a73f75974c78f400ee1c28c7437b7ee86af6ad717226b1d05

SHA512
572be5fb0a583ef6a7e8e504bbb1fe1efebbf3e6563aada0b838def7ff01ac2ed089ef59d0e1a130dd7e789f4f6daeabee4fa36c6035a9d25264842f888fb505

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
a431713a1fb763ddc1ad9c366d2c3764

SHA1
5a5c0ffac801381434b5290d50ca80bfa845789a

SHA256
9cb6fb0ea55f168b894056c7553c4fc03b2cb5fcdef540f9bf1209de3eeedc92

SHA512
78986862c0dcffacde5f2f9b9a4070427e4eb3b18120c98ce78a242fdaa5cfc87519c4cc328c2570a297775321976bfe73ee9c260e690a9c428746078d029224

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
c08a0534508f4b5111662409c8062dd4

SHA1
dd0f7386b8e28c1849583beb8d631897f8c5adda

SHA256
487faa62ab5c7ec6cb3932a54c283cb4c8bdfc3558726a76e99db32e67dd6900

SHA512
c19fae9be0341807b82aa44a76bd356ae8467e88ea54922e7084b8623be2b7b2e7fcefa770199fab776ab909cc71cc38609d5108219b1656f273c8fe33138a23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
e1882be29e0d9450306a2b47c0542b24

SHA1
30c988ce0631a359b5bb76287ddc7e8dbbe121b5

SHA256
4d87c5de0464003bdac30700885c1de5c05f26a9f23e7ce0b25aecd4b7160493

SHA512
2404c2ba28b76337d3275c1229d6c1fb96c2f7b04d6d318eed1f1ad0866f6025695f73868a04d99b321859e426bbc32ae64d3a554a917bed954289dc748e3f85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
6f0723474657a3690d3321717d020f42

SHA1
cf5aafe5500ec4df1adf2b12ba705818706672f0

SHA256
9aa4f3b0f7915ade54abd8e47e49845ddc0c0c69cb4c97e4e02fdf7f51a3a6cc

SHA512
de9bae50b0111f08c528be018935a7e75062925f34a8b5e4215b0fe82503dbed1298614efcf139b91cb13fa6f5434d09dcaf5390c80b1725508334bdaa63d222

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
48803930fdeb89d4bead8cd73ff39d4a

SHA1
d08d13a8b5813145c45e2de2c8c19d52a70b4908

SHA256
ad536b5bc52c8ec8e855269838258be276862b2d13d2e0003aa624b2d3cf31bf

SHA512
076449723023d420641d6db657c5e17835d29cb8ab517e4cbd6cbe1340325dfc35ffcf018ab23a36b392e99dbcf5ca204292e19e30797969f5347af7b27b873d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
4220094ac54fbc933b19f20561371666

SHA1
58ef4038a86b766fb092e2b8589aad9ffdc05166

SHA256
fbc45503f780862c8dcb2b450d06a8a8b57049775526a7464fc8d6dbfe9d3486

SHA512
5fc8c62b01142a080733b2c6fa64db7e7e69b1c62f0bd49827e88155e942e588b6c19890baaf59f34726d42d0c1fddbac2c9b60d5384259b8867725c6b41941a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
536B

MD5
9e60d4981ce2e690fd5cc243abb3e687

SHA1
ab0e2d77e37162cada882304ad95163f1b4404b8

SHA256
064da87f15d32f1db381428ceab9538aed8ebbcf83308a07a02ee0d775742740

SHA512
637f86d1feb847d36b82832ff6bf77cbf9592c1c5e26b6c60b10f70c77f5eaff51bfc9de6e9eed86e99730111ea20093620634f7a4a782cd5d8beace8d105d01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
534B

MD5
36dfddc9b3855957edc58d4b6912c894

SHA1
1629f91ce23ffa09c11be18106bc8ebe9f8f4a7d

SHA256
d2e2d1b3e9101b54eb404f0b4d7b4e46c55caa1446c95b998c83fffd30eb8e5e

SHA512
0738b27e2eb41fa52a2f0fd62b02752b3b2a42e8d095460757905ae8b57ea66f04ff780d099cd7d82ef07f5f58362128b4d9aeacdea9c4c0f58db2a213837aba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
536B

MD5
0ad154a1aaf230cf5bc64c77819d4e21

SHA1
326aeb7dada6752a67707645a4a864fa0f1608a9

SHA256
6f66f8fcba4a98ab074572908e8acfc28fa310d31a8566d167c293b2ae255e06

SHA512
50da6ae30b3d790ed9d25d02d0d9771df4520eb4ea96bedfd066871eecc13eb0400268ece1f200a1ee0162e7f599cfa421ca22398bc8b965584169235de43b34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2c2c45e5328f9345b26d7a22736747e3

SHA1
53e97780085db48df71bea595e6151dfd14dce47

SHA256
c7524053e8b9cf525c9226728a764a513d1af9ec75a3189b9dfdc6249202b11f

SHA512
7a71ef1094f7466416406d7f8720733ef32956b20b5c057923b112f880b8d4d54e21e9d76390ed59818555109659873378966d6ff57ded16db8d20edd4306264

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
4e96731577c22b5945059c1eba62df57

SHA1
5ffd10b700c7e4be32d5bfbbcb34dad2d74b22bb

SHA256
2b1b0989894931053a5484b5d688e121f1ff8cb28cd834ba64922a6b2d6336a6

SHA512
26a7ea73ab8487287dd1041bdd641862ccc76774814e9cd39a3e9ea6d76820dae5f9ded845d96e0ce03f3893862c26963dd52e6dbf709464730728399d306a6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
92edc0b3250b536652e7c78da90e8172

SHA1
ce34d1b0ffc998755c3dffa53dfe05e541df6183

SHA256
18f6c4532f36fc3713be6b1b34e67945f8c887f04cabd4f5b23ac8a630a05b8c

SHA512
2b18b2967f80c8f09d40d085ca4a79dfad230bad38ef949a8ed88e2d5665e6a1d23623b32ee58896a837f1bc7bf476b1abfdf8c8b41fe53865da98cb0467309b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
c5fc6460834abf460f5f8bae9716953d

SHA1
5631e1c65b71ddbbe67e5ec233062d51650421cd

SHA256
f483a08db7241ce8f3bdd7751746329834dbe8b1c19fd6d478eea4a837c1deb6

SHA512
d01c6956a6bbb8e83baf1faf50ffc8f056fa299427cad501599e5055881d6380582e965b24bc6e9c838c04c6d73d5411f83e95ba65bcbb6f80b0f79ccadf9c39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c2628610c79d0ab7d442b89d5f580b1d

SHA1
a6687d62fee3146aa2c0dd720072ad06eb4f1962

SHA256
480b53e6b6c0d2cf02e19768ecc321d94be0572be1435077618cf860f9836484

SHA512
6d7e08e0f43b6a631e9df1f48bd5fdf653694c975898f0849006aa3dbbaf5c267d44268593939b8e633566e6965d97fbe04db1fd7ca15e2f7c4b0d3fa8bcdc00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7bd5e7fac581ed3c642a6bfa7cb0eae3

SHA1
0cbad70c3d0e7d1641d9f94e66c49470746639c0

SHA256
e21368d4cd007941309b6ddb7d03b3394ecba3433aec860951f7d671811903d3

SHA512
f26b19461ca4eddafdb0512666bb836197f0ec18fd5d9e4c93b8c36004d6e35a57ef4adeb09bcb5aa235a6382946679cb42aace565e4c3ee2296d1309f32cbe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
0cd24423434fe135d651ac872b536610

SHA1
4133cc685c16c64f3c40e88ad810d5e7a5339c44

SHA256
019aafdcb9cf0c00f6752149367b7a4ee4fad1609b0aa887195e7ef5956bbdd3

SHA512
297f4bd898355a6e2a25600a0ce4d5d772a7e9c6e0f4d9a01c7e90cf5fdaf9d0b86af101af75bdce0847b3a347ec7660e7427169c4b6e8b96609aae817a7f0d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
c82d42fdea4b60cc2ec765787a27690c

SHA1
1080f467b1498aa2e5bf0c3d110d4b85e98d60ca

SHA256
a7bbb51f57c75244fc8a3cb49558a4acd7d5a67e6ed0934bb21f6f22ae987432

SHA512
72740518fe3fc06f989e4cfe932f237f342572d3b0783d25945dfaace80ee161d43757920d40e33e4c559e4fa6e618cc8d917f376f96f0b96d9507c93f541bb4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
5b4c01bbdd547a90a768574122cff754

SHA1
a13ddba1f2b9ca98db462b625ae0954bb3fabe6e

SHA256
91135e93a775493f17e1493c526c8ec852bbd5a11fec28a413210ab4c9361ff5

SHA512
d2fe8b246b0cac5712e677e787584c30f56d787355a2492b86bdc623385f8b55f966b3240d912a63f41392228ddd3020569b0ef72a04ab9dedc27ef175c5b521

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
c5358a047f9275ab81c2ceb1c243cf03

SHA1
818c11b5a92eeaaeff650315b0a37ecf3f02b772

SHA256
423bd11a11af2051d80e8d54fc563d25cd05ceb70d21bd9792e2cdac87c4f657

SHA512
70672f435eb3c3a325aab2987ed7a9afb71de8236d5a976511bcffcade1e6c0b9cff1d15cbe7d00b930a8fc4e33dec7f06d3ea9b0b010d9a924119e883367dc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
9ff818d72b6bfbb57f5862fba7213f06

SHA1
6633899a24fae68c579e67b0d969d1ff34ac24aa

SHA256
f6deae2a1657a219a5b87ff6c1d0c50513de5ac7321663d0ed5f554953ca0d2f

SHA512
95e55f8f5b5297af6eab1f1569141756264a94986382d82d4e6b3a2a5c5a91eff1bf2fa66b31e2da4d999625a1a346ad5ab96850e5a96ff3f6cfe7f26c4e2c63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e30b4943622a66ec1b1c8937b0757ae8

SHA1
4d61a901a50eff57717dfa4678232efab865b1d8

SHA256
3798abe90c9d877b7ca90438605359e0e56a2248af2439539427cc936c1d4792

SHA512
909af000e1449273c6a12b7219e583a02dfe104d39c04bf49a92c75f6449b026f4e2be88ecae9274552024d7659988713e7e27264f58f234dd5dd1de3f6ca431

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
c2019c1fd29635a094d18eb556c1de96

SHA1
71115a63e5e35fedf5b99ae762f643ab168a2c6d

SHA256
37bf8e0913a1bcbd141d8212aac7acf8cc1669fd3d6a342c37ee7dd0626b02b3

SHA512
8d68587f82cff9d366907b62744b71ffa79449dc84e0d9138059fd2c9a2d8013a82c6856a5f8d35e7dece56835918717ef98285a0f9dda85ba2613176786deff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
651084d0a94c5e44ae9bd050b3b4a333

SHA1
00246d6ff7c0ddca5cbebaa7f248af355438d152

SHA256
8d11dcd908136da466d5afa556ed960109d74824ebe692e41fd32dbfbe168548

SHA512
5bc1ddea3d4b230206e56c2ad8dcde9c7d17107dad017887d0a0db5d89a9fa774116d792a0d29f77669a54f7e8414102b82653a988ac2d4ada46b5a746fa9d4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e86f4268de93d8b94ecc15895414f7cd

SHA1
36fa399d5241c15f3504b3b5a5ed28ba7e386464

SHA256
5623ba5670b158951f3011284b72a333fcba227f8c55620862910aecfabf03bf

SHA512
cf80ace0496881a2c601a8a7e79fd1e5c8a2950226bbc4dbc66ae6db46c44e0fa16527729bf412c0baf72dc82aaba64e67091b80b0b0c43251e57b63ada36663

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
0a6997ba72ea7d17ef8b3005fb0c46f7

SHA1
c02b85584ff65f39cfd3b7175dd5763ce691582f

SHA256
76d2dfdbab7e0817d3b5e1d476c1313021124a706a2c25b8579177046a2d9acf

SHA512
39acf411407b46a9f06cde88d480507086acbf25ed513ab6607dc13f367a9cd906df7a43febfe4e864ad721851e4c8df12ed81b02fc551361e3b5aa390a8b131

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
2cc40a69d94b7b06f317718c27bc64ce

SHA1
049e7c31f33facea0c9c4462cbf99af46c336d11

SHA256
57d457eeb664791cfabe95af8df80cba51c0f11ce22f80918a25816e3b29c7fc

SHA512
b8a4a77caf4cb545361c4cafa7d5c4bd5f5a6f8d540a6198bf5ec37cf30bc897984f37210188dc2a1aa6f74eb86b08d5cd670e7828d8d3c805104647fbf744fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
488f7a4feeb7a13f4c0f12756f27b314

SHA1
4a6fe3b3bbc53f3eab8c9f6b69790e66a2b67a83

SHA256
cd9251a1de70ecd65eac56543654d75139a3f05b705916b9556593a4ac5f1f92

SHA512
1baae439547111d50d31992655fa19aa1e5314f53797959ae4a56a045a8c5c6b9367562fe930b4f1e53bb00cd19bc9e19d7957ab0e938132b45dce5874dabb32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
9b249fc4910e7a70791518a41c733ee8

SHA1
9a9a5e71f2bfa7619b5fc99b7d826b57b06d6e7a

SHA256
0261c0764a5a3548dad6a420a2249816cd177e8b5d1715ae7adbcea894fe180b

SHA512
26cd04436f639da337baa1c6d9ce79cba71f8e5ae3825410a2f7061c6a7135b5c10b38d8048aac879b54fd1aecc27bad8ab6ce7d68afaf15ae4b434cf7f93953

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\d026dc0a-88de-40eb-a77c-991953db3aba.tmp

Filesize
3KB

MD5
4faf5cf3cf578fdfc66c229402ec746e

SHA1
fb8bb835047ee2fd269147ee5e2d3c6072c5c72e

SHA256
0fb8213614f4153321c45cb0ffd8bdacc68c36755ef6e4710c22120a14e0c00b

SHA512
31a56bd48dd267bf7cd8d389b6d0e8144793d3aa82af83573fdedd380528ba0f9d453925a17a3ce63182d47c98f26a8cc0387f61123dcc1d00130eda2e5a4066

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
fdca29b0488e764c4a69c26d2ac62249

SHA1
88c052cf38e66867e6e6196b56bf1a85aa38170e

SHA256
5c27efbf15ef2576f237624b61bf0dcbb609fa219225b3527483e3c2dd00d03a

SHA512
e16a0366eccf622655dd7328cae5045f6167d47a27989fbe8664e72d644f6acb5bbc8eaa67508a9910069a71aa07de1ce5d0a3b0cbb130ff2c2f7e218e949778

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
19b04e8a1a5b7ed483fcbc6e6cb9adde

SHA1
39d061375ac33480f168cec2b550abb70c47d4fd

SHA256
9577268008cc137c2bf4b9f7c303b1813ab5fa17256bba21ef963045e2a42611

SHA512
5beff8d172faaa93c60371a2e81883922426a9de329e6dd37e9e21b5902b6913dc4d674cdcd05ca9c91fd5a8feb428843834ab3c168ef05a266f1ce93309f622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
4fe03a37b8d6af90342caf7f13d1fceb

SHA1
0b22172abc645529718e3bc27060e866bc40cd96

SHA256
99a2eda40c3ac49d1ca9076568e851299ce721feb5a031c8f53660b85f277be5

SHA512
9ab68a925688b7b06e537a5443f28e6689055aeb51558f5ec5044d017da9af264c6f2c56d27be8eb3e0b7289bb464ae1922bda2b26b53a05f43cf56348e9430a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
274d6d3cde230d2ed625927b4e50a707

SHA1
4a53c9addc0062c6e241087c8049ab72e88c0525

SHA256
6bf075dae27ade828f094712fd077f2edd6753cb50bb3b197021b010ff270d97

SHA512
28db002c4aed2515c2e8619fdc716d9bc3e7e74493a6419a713b39e5b648039f66dfa863530c755c630d37c065c62f54338f02f069b34795f83a3f45b5d0b1ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
918d23298b457a700d7201d474aca483

SHA1
eba42a64a80e562ce404b9cc0530f4bf64510e2f

SHA256
231a84ee75e639a352dae36ba2085ade17d09ec6a20dff9f2b69add1281b89d5

SHA512
438da90e2aec8ea8befcc1c65b1a61c3a7c2c8a4e26938718dbc757d49f8391e267d813bb2938b7e289fac247f66f009b27b0493352a49cebd2111a8f1d53fe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
341d5c39f2bb9c98d146d77b9514097f

SHA1
5cbd100963df354ec70257ff259fb998f61ef63f

SHA256
62d851c32ea9f1419e70d4a35ff9d7c23f53a231eda8418156d34303ae7d3098

SHA512
9e91d02f23c698a6e21fa2a1469d3f8d2d8ee9783691b9df2b715372fc5c41b1f4d23ff39ae8d331b41e4a514504dd6c78b37486fceb4588db7a5776e9cd36b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
71e2845b1415fb4967a1c16355e70b79

SHA1
76052cb093a61336321f85ecba1fea9b9feeafad

SHA256
2b4fd11b10ee7012f1aa1f966721036e89676e414d801029b9e61fa57b7f038e

SHA512
28d88d0606109bc45d2cdc17f90cf1afd74ae09cc2d0907fa8574f4c71f4a80b79bad33d8572543297779651195c43b22f4d1de275d34a21fd92a18dbec988fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0f8854032c673c504fb9ad34899df61e

SHA1
2426227177e5512382189e5a47c9228db862b777

SHA256
a67bae5e555264296ef23463127807421be4bac4fe595b0dbcf5a71bff0da535

SHA512
2773f6a92b9782caaec59e4ead8e5f1c16f0d62efe14b85710430297bccefeb8bdeb92475eff9a1308c789f0e700ddbf9b2812af046d51a163534812c14da9e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
6bd14b45eadeb3f26643346a4aa61b4d

SHA1
7a80974d26dc7eb36db0cdd3b4723b8ea0c0f712

SHA256
a6a1b9b8f127499140b05747bf00981a825a704fa8decea63879608e32a5e680

SHA512
08c150443765c0607971ff131e91d9e117252669caf727d100e2e9bb3a0a3abb510aa7cf8c9b6c845b67caa27a792275e688455b53702c5f1e3a7c13a7a250d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
19f4de7bce7dd616a3e2ec6f674db7f2

SHA1
13a68fdca9d4e6df300f0c0b359da0d8397cd680

SHA256
265e9b3fe60b219715ca5394e909a25729b64d18df5395e36da1025c34997ff3

SHA512
dfff13d434c24484dfce3338b9b0394908aacceab32f5ecec4392ea4fee6056d41ef510aa9637e4c40cfca6e54e3ed789358fe7a022ccfe1e5014ebc112f2852

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
af29adb9ec09177bfea013e30e24c579

SHA1
f61bcabe871b1fe3e05ebbeea6cdd3dad76f7cde

SHA256
218e5b2f742d0169fdf18d06edd4bd7042fdb02e7f84de29b88f7ca166ae5083

SHA512
bebe6f10eb46d3f0f21d53682d8fbe5695171e74f4da0c0ee13b5dd99ebdae807304f122f7fb72294d5644e01422e7c9858cc43d3a61bbbb670cac4a9a77a6ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
1cfb2e5b7e806b796c3a7c7349f3f6e3

SHA1
f7d54a9265f1702fcaa0542fece3746949077814

SHA256
f326b087f9d1274dc7aab3678723b2dee7f4979be772dac4f892d0f73b193309

SHA512
2b93d6a12277b8ef647cfd812d434506c55d92e277d9f89643f4ae9772dd30f8894878ad2a130991bca29d09cbd2304b95cebfbe7f67823600b35884cad87a84

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
a21149d7efa2620e6c9511b0b05829b1

SHA1
0842716375deac41f1adcb29170778e790e5d6cb

SHA256
414e4c501f64a43706aa783f46e3fd8c356648d91513cc8bd652e4b366ff0823

SHA512
231978e48e98c0590ce249cea2fca7961f2f45e35832758e6033e1d3946185e4930e5ea956b7cea87f7b1479319f24a7005ada5360936fa4168c65dec35b6c97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1d41ac8307ace3e2b7ae76b1bd6e0392

SHA1
0b26b7beb7f5e2b3bcdb819b9e9e6c0623fc36e6

SHA256
5cf85c1f8c772825f907eb4db738d9fccafd7a9beeefb638dfd670b4be98f7eb

SHA512
bfcebcfedbd7fa872945d438d5982d05d33cb693a4ad8dde8f75e1de189d995838c3ba6f18d909500d5051a03389216f9ac455a30b83cec078ff19c9b04fc2a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c95369cf7ca61173bef14c537c6d7e5f

SHA1
2cce6b2754bad05542739ea8fb4ed9fddd715e05

SHA256
46e9eb9aca3fca88d7b0c148b059fefecd8f7e9b2f08837593ef1c33e09e7f3f

SHA512
319489d639750f7748da3d1581f4b45b38d86431fd49d4396b5b83228415e629da6dd2eac25c9fc3aebe13bd80253c0b6909c2d85e8d1ca1c6c3ba99dc58faef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
eaf80d2fdc888da4ecaf7f641dce2dbc

SHA1
e8461a7c7531e12578da3b35a9e513bec81ca7aa

SHA256
3ee44af1364d774431cef2cbb791567aaad94b0e0eee64642ccb8974d1255640

SHA512
d1e3acf4df3f2f5db57b8dad4f1fb09b60239a6f29b7048aafe0b103adfe68dc509917d7f2a4c51905938693ec7008174dc934be539af0ae7e8ae9d5dc10c9c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
0cdf978c2cfa6c154516ecc8c5a4d9e4

SHA1
ce74608519669e747762b8aec7b982b1e3997f95

SHA256
6bc3a36c1dcbc8d0d54d9b724c9a879b2730d763cae5cffe0d13dd9b4997bd09

SHA512
316ec3c09946f67b2c7e70e7fa1794493f59cbedccff5d44421346adee6c00e8593f74c08f1e892498b79559b93f2165d2abec91aa5a34b56b78857118a55e01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8e51bbc8ac9f501f8dcafb7043b405fa

SHA1
50958546ab472108470e8ec48e773d4738ed09a5

SHA256
ef84a3bef8e764d2c1b10c19459f7675432ea21512113b1b9697486dda176d7a

SHA512
abcf824c3d4d73d84e75d0dff023ecd74f97e5b3f8159ffb6cc772cc1f31b0f2d12cee5743b805494213315ba68b4017cbf401c0f92635369c9c854f97d774ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c87e175ff0539226b7bf6158b5f6627f

SHA1
1dc034c75657b05ecd8d5417e0cd5b9948eea732

SHA256
629de9333b048424ff9d7dd19ecf5e63993ab2292d1c995d463a441acb576e4a

SHA512
bb3a9ae58083799b07313caf9c437963cfede9aec8f0d58028bc3186015b9a9b85486f18e351d70096fc7047373a4acdc30135b724b96e07917c32fa739d7093

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
eda8708020ac1b7d708e497dc291deba

SHA1
60ea9cb32f63b2410f8d44e541cfeae7f5be2a75

SHA256
d9ff2f4caaf5df194344a8e0f704f4f13a218e3bfc4abc5359dc23ef4d007a91

SHA512
671a113453a8f9da28262ac286fcae5355fe80afe8faecb2a32f59f0cc13ab573f0d30ebfae49f964488dbbce841aace08b29840d2d1bef332133b4b8fb215ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
41c3ae04d14108951687b72a6b2b897b

SHA1
13bbeed0c13b1e2041ea77b8f5e989c0205b3e79

SHA256
10fcaced9ab219fc2f11b04e184d299237278c9c482c916e3fde541e8072afb6

SHA512
e391735f6f61c3d2564ff2bfde15bacf6beb1b983181445a23a6bebdcbb27a6d87b050784dfce826c77c0833cf8f45d11571748ce723aad4a24560e7f9d38f3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
54297b75522fc975ba5386bce4f2f336

SHA1
9c483b9658e45ae9fe925e684d7a1932a59ddde7

SHA256
b8a5e595372ff49d64c06dd4820ab7e8e240bcbd1a0ae48583954162c667961c

SHA512
a23ffcbc7c384b1a1421aaf7aac9f81c822b3695ce796b4d3ba1afc7670b2898a719a36dabeec3a9db9c0f666b1f568af11a9452ff7a9bfe4da534a957229de7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
3f9a1923e9a462f7b8358422421d97cf

SHA1
dafee790d03cf74fea8eeaef67907453fbc831d9

SHA256
5483bb863e6b4ed2a57c9916b5554be23933c29fbfd50a11a17d85461c608396

SHA512
19c346711fbcc217c08934fec5d714b54b8f3da6ff26bb7c1638ea9f9a139f5ece49729fdb9d5fd74b590c75948e1f621172ae5ff76176412d217a8f329a242a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
86435c5ff6b160bc9dd351fbdf09afeb

SHA1
f055f816e13c5836062572976863fa56a5ff2700

SHA256
4c6214a2f427cbd5b5383dfa50d90ea3f57cffbb9bc118084fd67b9c733bfe71

SHA512
fb70a79cd57fbed9e611d79fc4d74315ee1560211613747503b0a7280c48e2d46a13681805feab72e103fc4327f14927f02b9eee74d2103ede2a73390d071281

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5476ced578ac23fcad30034a3ab354db

SHA1
d51babf88e43071e3694fafa2c1d8f6268d27605

SHA256
c065c8d2a8558844900a3dcf8cd0ce7dcfe41cb3b323fa395d90719cc4fd601f

SHA512
a2a3577a6985b648fa007480e88de4712e9222ab5a0b05a81080ac2f4f028413b1dbc76e2d5a2b3d2660387abc5663ea5c1fb61f6a73fe6fd2beb512269701b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
922222ed5efff5f85f6273294751e0ab

SHA1
6937fee31b32ebc303ae3d18790fa0ba804fbf3b

SHA256
e6a08ea9078351b40f0188838146cc9a69a3401d1d882b7c2c24ffa8d9373702

SHA512
15d7b20d29f26195692e435c725c9e0d9a9679c4ff83882a04131b1c2551ce04ae747847097093f6687f0c56e09dc80ef00faf4880bf46dbf522e29c13e938ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
5cc0f14baca88e35f949a68d64870506

SHA1
e79751be8528db0a725c5db286d8bf105799fe88

SHA256
ec62de132ee42789786c02f16c7e628b061715521d9501d097ff34f18d6ccc67

SHA512
0fbcf01b31b1e96c693965a2e7b54c1d793e3bb72c750c2dd4efa8791f81ab3d56abb964def2fb6c538e11156354540b1346bdd6be519f3b711776b0e4f07828

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
3f34b8895393ee4437f46c98e94485c5

SHA1
b1342d753448f74467de18cbf240ea643d1f7eba

SHA256
a311c1861604ca162710b708ef49221c2989b75abd675c0b5ad07af5ac682cbd

SHA512
c7a83cab0124e48d3b866a599c0efd2f6829986ccade5063c192a63e15447179b473bafd431aa62ec697536afc2192449e5d7e75da4a059d33bdf34949c71e17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e93f6e02-000b-4f92-87a1-b8deebbe1c83\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e93f6e02-000b-4f92-87a1-b8deebbe1c83\index-dir\temp-index

Filesize
624B

MD5
faa591b511ffd4357bae2fd3a0af8e29

SHA1
5687680d685c172df5851c388fd86df0e362e9cf

SHA256
5279bf5a78531f1c1e6d89b42e88612332d326e48252ca11f8b8c0ee7aa1a45b

SHA512
1300d8e31bbafdf8688c88ca4ea5c8d459b517324f75b728eac06d1ac14c806ffa651b01cfc13bbfb945f6c01fa2f9ee723ebebcad7c64f95267a7c3b2adfb0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e93f6e02-000b-4f92-87a1-b8deebbe1c83\index-dir\the-real-index~RFe5b42f1.TMP

Filesize
48B

MD5
e916778a5d914d2b6de7195f343b176e

SHA1
be279082d14f23cf492a3ac03ea36b9b811f88fa

SHA256
8fae5da6941691022fc9c360908e48d2e9bf1773b391f462c328a61ec9ded18c

SHA512
677af444f92bc42e15e56975f22a99db16dce3d655f5f04f936542d202d77e1d4e8db293edb832691e8a9c9fc0753189b4932a6cfd6c55b23e073f628f9842b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
16162fb0263ec81b954efff3a37faacd

SHA1
dcda4dd74c5ad974d57e7f45202f413506e17bdd

SHA256
f5693f5f44c54eab21383c28fc728389b0feb655299def66fb2e8d7c937fc88b

SHA512
d9e65ef3e9fbfa3b3bb19a9b1aeef4c886ad66bb175544be7d47d086e7c077cb3c6426044597c26d43e77837b4769d8d7552caabe6990e8de66019f3b91d8583

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
9b97aaf24812ba86f7a5a3d95809c207

SHA1
3ae0ef6ffda14dd5ba78780674cb53cc389c6a71

SHA256
f0710ffea6ee6189e209b720020a911f8910c5fb648696330200c081bc824cdc

SHA512
baefeefbec8139f4a2a0a2553ad82f2c2694d1cd8da4c9564aae9dedfcdc33c14e9b5809e4bf640d17e28f9a35ff9fc180f81283624f8889e839fc7515b9c4e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
189B

MD5
203ec68f8849b166f8ce6b1de4e9aa34

SHA1
03596aca0eb5bb02beca8f55c31bb2e150ef6c47

SHA256
6f01079b9e0510bd9df3aa0576b0e2a927d87243f746e4b689f03ed25c0e0b5c

SHA512
71d01942b0231cc37113134a811b813f2bb7256efe448bf5c95ce52ab8170eb86c2c1d1bc60bcdb1d1cf57d047956137288d4c33d2697c13a20c465f19d3bce0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
129B

MD5
94ef075498865a545a0a26c20f1e788c

SHA1
06044158b4d938ba39a3de97be93e65c82d38e4c

SHA256
ae52fe06f1111ab8eb9dd92dd2e2b7b5bcb18a74426cf82e8aba4b9b19a379e3

SHA512
7f2d852fd38dd405c763b468d4e5d29e4637f9504bf2348d1605959be37aa624eac205d198a1dd9842f256ac8927b63a887980205b5cbc3a611a96615efb4fc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
125B

MD5
420f91833782f8ba853ef329b72ee738

SHA1
704799289f94b6aea76a82242ae4de14406c4196

SHA256
198b6013d2ee1fbfa32c4c3ccadd3de4d662a9486c8901d31e5c30124170668d

SHA512
cada1f36b7430809aa4d9b5cdce4838bb8eefd383ae0a225c97b1f5a46db394e4c25584636abfb218cb21efa49a1f80f4b6465029cf2678d1192ea62b1368f6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5a1be6.TMP

Filesize
120B

MD5
d9dfeb2d0af3c734b00944f18a060d9b

SHA1
cdf04b7547a6cf078784f749041aba188f12f625

SHA256
b927eb78425bcd2fd418eb4a53886fce17151a3ee2745df2392e9ec7fd67e205

SHA512
f580ff2bb717f31c9a2f5003656019821ca704047d733de3b2c86823e8f141409353ad382adfda267820cb5460068105f06988025a61e0673ed955e362a480b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ae97a71c974d1885b04fd8b023bbf9f3

SHA1
d53ad72180fb751637638d215d96e9e1c3aa545b

SHA256
392538a57addd49c3c6e82ea7ab3e0c194fe2506cc1de17dae04ae28fa991c9c

SHA512
4c0baf8d435fe211de87a42ae597d36268eb3c94dccc936927822f331f633a2857e564630974f7a8e248d4367a2b0901d0534f37e8bbe3f30315f22b2cae1e36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
26b573e80c8e47c7318361761974a899

SHA1
8e297ceb9e04f585da249bda847a28780525ca68

SHA256
b3417e3453a4e1eea122bb142c2c27fa8a2e954984cae4d668b3edfb8e3ebc4e

SHA512
209564dbcf0655bdd064f924568ac5fdf726c57dfbf04f1e6d56cff0806357eae5aa0ed55e3eb18179f1daff707f76506bb6553a64f0ae7d3e1476ffa4565463

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe570bf6.TMP

Filesize
48B

MD5
b401a7751ebfeb9f18edac34a2827ed0

SHA1
2e3594ee6bf4c505a7627bec916a698c7dea1487

SHA256
90d1d71fe3b5bb8519ac9b788e17bb570d7dd98f4a7ca8c23f5b54f37844a534

SHA512
115e231f2ca483282a5dba00eb0983884cf07ddc7dfd5906a7d4daf4172e850716ded59296bf10f2caee640a1266c4f0d58a75385baa55a76cf452cfbbed857c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir4576_1321305937\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\c2f04db3-8f32-4652-8c90-e357ec115ef2.tmp

Filesize
8KB

MD5
3ad335355456cc853f0524772067518c

SHA1
7af352f15793529bfd94728f0990ed0a601d1255

SHA256
252467375a5fe29b8cda04dde2a66db278572926160a78d9028c3edd40872ece

SHA512
c29fa9e69f97c71ce643b3f1db0511e3322ddad93968e153d2681c2659bb9a42fcd87196a9c6ca14e12801ea06425996c490720c99f67326776b6076d70210c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
9a51638a7a2e8a66ff0aaa03d8d51638

SHA1
0d0a66e50ee0f8e96388c27cbac9f94cd1a960f6

SHA256
740f907817828182422a44d461a0e3e2abd9d3a214f445048486a57f0fad3b6f

SHA512
724cc8ca5b400fd0daacf0056d96837f496b95f35b935a023b49576818913ba997ef401dfa03baa5655212446d4cf4c08b9df870f22b7eddcdb6537542683aaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
08cdf4d48d4a46c62c25ee4ddb26a792

SHA1
e0f38c1716ccf80124b43f8450e316b02f2a6877

SHA256
cbe673d3017a01cc66667b3ee5506d47799b4c530f85d9c967229212e5d06b36

SHA512
2e2b277e15c29d073e2204be4ce4c696a7437304f65a38362a9883a71ca789701faefbbad134bdc00bc9b9c2a252c66b5e7e2819ed87536a97b3f6442e8f11ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
c180b7394441e29ef564afe8fb17ba77

SHA1
207cb05d355b0a6e4881a4795c49300c783c0e0d

SHA256
378c2b87ad44ba7dfd74009fe246aa17881182c3b98532de53c33073f286dec1

SHA512
966e4e125533bc6883add972b137b7478d4d244ccfd67122db5bc91811a61a124a68f2b196c8e66fc5f6832844dc50d1e8043b2fb278e265b63f046d10915d0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
96d4cebadd7e49fa2c7860e6ea033ecc

SHA1
633aee2a18cae26a902021c8fafef6b56c039685

SHA256
1008faf054317c970fd619561bb76e5e6c07666749b8d4a4054c694943ccab6c

SHA512
89f7256ac0faee950e6b137ca05ed4c10d8f36780b3fe719a33f651a64a10d5ba6d4ee3748d745a1e791c9aa6cf23d7958d4a5c210d8de0d1fe2dde14e958935

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
bc35b7e4ba84286525c42470898b5275

SHA1
7eb216e648e9217783c8cf08ca0de21f8e846136

SHA256
a5d111f515e4e1352b9be75c5343f8e0d2370a5aa03ae97a0d8ba0d399e7aa2b

SHA512
8f6782a1a0501db73e128fa902537c0607a107159523502fb8b0b744571ee7e89222d01f95fc95e832383ff33b06a2fcb4f35e2101c297d46227a454f0e93886

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
b7c988e78c94288e1d39afd0759117cd

SHA1
d88c57d9254d9ee9bbd99adc90102d8218de4ff8

SHA256
7516cbdbd0a45ea30b4375cc200f88755ea1a17fde8726ac543c2fb949d2c39d

SHA512
b237842a6b2a0a04f54b41ba16df69f3b16dd55f58a806eca7ae697f35ccc4bc1a9f745d96b2742c2c7f1a68c12ff224be77dbb54971c17e6b34bdd225b16f5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
a6ea720b0939b4de15a6cfe5bf624621

SHA1
1a43a520c758028ec91a614fb79bf8a7e6e60707

SHA256
07edd9207a59bbf679bd9652c3432d6bbe444f01e2cbe6d8dccd1e35597344be

SHA512
d5a9bdb7f481e33fcf3f187c4590652164c9409453082505ce7324f8c232123d40cbc2d0cf26efcb724e0745e30abdee76d3df66ab4f03f7a5ff650a663bc039

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
2c0b8a83e4a671932b4b93b6289f4b21

SHA1
2e94a690fe3073ac28ebad93864bb683b956667e

SHA256
814a891671297647ac99a52c991d5a5616f39fc339627be741063daca4ef4b5d

SHA512
3706ec2491b7f1ff026cecaa9a1ae273535b62750233b5a68aa38f48bd2c8d81cffdd48e50c66b02302f495513b9f739cefc6301a14861601ddda12fdcd0d56b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
3eb8c5032f57bbe2d0674b77daf2e6b1

SHA1
f8779f04ad77d28fcde21d4f69955d38e110fb89

SHA256
83bc0fa19bf21063a305594edbbaa2466c897cc6e0bc1c6f9650ebaaa8ea2422

SHA512
2a97fe92b37b789e4e6d628f549b94a23021fdd6a03016b06bd49464bfe97f1b9c84aa2acea01dc6375461a722d94ff9fa14a2e354ee0e026833121aca8d15af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
127209a3a787219b83a7af0f5093e096

SHA1
5b572583c2efda73728ab323465a3babd6861fb6

SHA256
d7a9e3f60db12619c219a70da1857a4fe8631766233a07c9e921d3a64d7caba1

SHA512
2a6e9dd48591961dae0feea84add815664366b2a8b3afa40f57222d0324638fa857e5d1b4d4b295772fffb7523f20ee4b6791e6a5ace06956b33a7c5d655121f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
e7a75f4d3ba0c5b37161126c23a8f4c9

SHA1
c39e8a1044fe2516a63b0e385dc311167fca125a

SHA256
fe45607f6e8620b54206e12f75c4e5a91468e7061e58f8daf6e0056b2dac3450

SHA512
1860eb082fe1dd2fda515ec411dc8504bfcdca5cbf74556c1940c8b1a8b6ff2c1e387f9df0e3826683f2a22d9e4582b4b2941252ad88acde8391f5d2af3deceb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
328ccbee2c53051da1d185283d55f1fc

SHA1
8931f94d27e8beafe63f5ea75e95cf8e0d4a7f3e

SHA256
b0e2a6c935959a84a54723b0e41e3f4605099d17e627af051d18fb5e17a53eaf

SHA512
58f30f03ad3ede0714561aa0c2c99b85bb96d1c8f8ac578b2043dce58ca5db3ed80b86c6099356218ba3e920de58999616cc5caa9aaa98ab4417d9765d49e8ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
20189008499e21f62fb967a21fa07b46

SHA1
d2658e4896c8ee2814705cc5b79a574ea1265567

SHA256
18bf1fb340d15b69b287bc13bfd333fe3d4fcb3a303997b573eb179a69df3888

SHA512
03cadbd6811f6cead7ac905737e1ea47821754afb8830b271fd5c25269266b0908381e85b7f82ae92e7c1c2601f6da2f23356782f2b77d468c831a3f87135cd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
6d80942b15b318d9b238947ce76bbad5

SHA1
c0a5facd558907b749af6d73e1acb76d10096d73

SHA256
183c20e10e915dcd89c3e6d8e22dbc5ae1e88eb5f061bdaed2ad74443638afb6

SHA512
3866ec0cfb8a1a1a9056d60ced0916fb3ee6e0091bd40164e4d63f955066376750e3cf2db3de023d3b78b22afe85023b80a65f938cd9fc991958d43649c8095c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
e7c99f8881ded78fded58b79804bfade

SHA1
006f88eaf5b8cc58939dcdb83afbfd07e2da2c92

SHA256
49d0364a4b5956942cfc2eff9a728689e452bcab7fe866fc56674bd4d43b3835

SHA512
2b1bdd66d0f3ae617e7dd8e44f525d6c58663d62cd0c7f69dd940b2f4f6c5b18e6c142f83a7b2635b8cfb8a2f905cd39d4df24bc875f1cfd8c8ab456411c7ba9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
641e5457996152e5d2a57286ef1dbd81

SHA1
dcbeee104522a5187b123ba6c05b2a9386ad99a5

SHA256
d0c0057333def4af8b0a746950717824022865717382bf6a4880ddb1eaccd5a9

SHA512
9e2221fabc93b5b61a42bc7c62e60b8b7b8b210bade211bcd8f9a22884754b20471ce1a268d6657617952c88e6b92cb201016662bc2a22ca275cf4c3018f9da6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
f4fb196c938e5e6ab13c37ead6dd71f0

SHA1
c1a72baf0148cacd3b09d0e301dde2b7f2c90792

SHA256
7bfea69c71ba2816199fbd2048f75714d993fdcc73835dd31c9007a4a62970be

SHA512
a3fe12dee0ae8aa2ba4458f820c38c5933f5633458abbf68b5aa5595a20fe49fe4b7477ddd13f7fd7434da68726553fefb5a661a77d1d9addce687aa8a993d33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
459243b2392d67cd7b023fe420429a01

SHA1
a117fbb371ece06b58ebf2b612a52ff818a35809

SHA256
e636a5c44028f4f4e02f390ec44f6889100b12b195d4116b9a3e1e90a145907f

SHA512
12c471ae550aabfcbbfa6517179542b8ddfa2ec16dd59b90aa127d4c4e390ba63f306f57805655ade68327022f153550b2b888ca333616b8803264df72c3853b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
ef9bb4c56507801154346baba3775e0d

SHA1
ef93a96474bae4f25aa0dd683b0f99198129feda

SHA256
841d8e479273e9b1a8dec8b11c28d193446b7cc0a801078a4ba97fb4eb584773

SHA512
02ab54eaa8ae58c1fca019c5fe8ad8701b1b2c1b27d7069e7c2d2d3891d1439ac7a68afbb82d0d8473b66ac53ca48d2852852e2fc272c59349af8a95da263d2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
117KB

MD5
4266f18a0f7a4c718c2a268978f4bc6c

SHA1
b4ad205bf99ae6698816b3f561d46ddc090792a1

SHA256
654f815bb9d8d129d90fa0cd7f872ea49f18a7d3c975b8d5aa0b5e6875ab1520

SHA512
167ff72124a88e7775247e698ef94c05eb650ecb058c1fe925ff4a9970270add094b67bea5d28599601240d5e4aa89191082fba3cb714ee8417adf0ffc6c9a6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
112KB

MD5
4ee7826607dbfc19749ce7bb57d3be66

SHA1
269b14487a2c36be40610f976744986d606eaad4

SHA256
251250a721f2fd0e5683e3d4d1c7f47a2e1c5679ceb136c44f671de0d43f29ed

SHA512
20747bbd0842d0bb38389191154087c029c1e06a35cb8deae0a40ce1adb5414ad6b86c89e563de598f9c7be02bf46b2532ab0a511c787a3b157661eb8efe5aa3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
112KB

MD5
41f936de27a519b38f3333b1565a7f18

SHA1
8705ed24ad7ca32a6394113036def531387a3850

SHA256
ecc91fea494f8cd95c73d881a9ff67af39d634b8595130d5ee9ffee47b88e1d6

SHA512
4d9023f30734f6631f4a9fb57687d3f8df1a0d7e5da3b7d9f1e226d175ae19464a355dcaf309284490b1ca492977de8b7727b1ebd08517c0dc85cfa005b8752e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5702cf.TMP

Filesize
98KB

MD5
958b651921d38ef639a628341769b2c1

SHA1
512f5ef566835455b65c2f4b08717a2913c88251

SHA256
820185902d142b55ac681c290d82f79f82288e8e4fa002bc950cf0e5862463dd

SHA512
919b449cbe568f6d59ef0d22c9c979b556e21a7b6e5399a1005771631da6d45ed6a36a5576c5b0f9860aafb6c38d9cc7893469a51dfc73604d085fc9d16f4e1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\additional_file0.tmp

Filesize
1.4MB

MD5
e9a2209b61f4be34f25069a6e54affea

SHA1
6368b0a81608c701b06b97aeff194ce88fd0e3c0

SHA256
e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f

SHA512
59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202306282359181\opera_package

Filesize
121.9MB

MD5
789f95b203f564b1f1db208b2a820980

SHA1
83cfbe5bbae8124fd79e4d0bc03a0c046ab6fb1c

SHA256
a156861ff758227a6bcf8cc54f8d843fdaee8032436f20e88c00c29fe4111256

SHA512
2bde16092140cc4910f0f53698591acce8a3df145408645755920de9cf63b9e2ea22c4fc862625524a8157bda7c2754886d9706c1f754dad4cb8c71afa32ca7f

Download Submit
C:\Users\Admin\AppData\Local\Temp\Opera_installer_230628235916472880.dll

Filesize
5.1MB

MD5
3a4e9a2d04135ce83a6ec437f0d65e1b

SHA1
2407e9dd36307d6d56067603be9e1d71e8e45380

SHA256
2de0df62b2bad943736e0a0ce4c05a94d08264b9f604702c61d1a7264f95176d

SHA512
d5ea9b80148c7672282f5df7ddb4cae285d7a448bb8196a696f60799bf1c5506652aaee3e0e73e3ff5f5813a23d1d65b70127536f253095031fc03860c1d788f

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
13KB

MD5
7eca081850b503f4cae4306b564d50f2

SHA1
90d22dd612bc7f3b374d1b9be497839e8205e390

SHA256
83f695ae5366a2b3aacc8248c8d91ce1500a537da257576a91af66b6adb4ea5d

SHA512
08c756dda24e4f075297904d0718af96b3431531a08a53cd7f44b4d564a2bdadd83938b5228b25e43d9f2ee5347281c04e31e64ca7ec386d7eb9d8ff5386a21c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
8KB

MD5
b0ded565e46c02b1a9e466f738cfd185

SHA1
2df9bc184ad5fbd018bd8ec1cc964b9abb2a99fb

SHA256
7e77b34fa0ffc870340e3e7ae97d35482b4a09d634fa5a52ca4d75cc31d46a1c

SHA512
7c77ddd0892f3463e13600a3bad54e8ae46c33e4f9315c0bf2300b1733046a80ebec1f6d8fe8abacf8068ab70cadb697b4b8d371f7c51b931b1b5c03cc94bc86

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
e20b67234fbe6aee3a1557bdd5c5bcb1

SHA1
e44d58fb7be8358870234b86aced44514016537d

SHA256
9c7c1fc339b6ac98ee0d2e716fd5c04b57e0627005ec2f446d55deed5ff44bae

SHA512
b7cb07e5c7a54cc47536c5152bb97d449ee1128fd408dd62f4bdb2389e7e75c62dc4ed8c37466f854f6f62db64ccd9fe7bf67ecaadf639911792def95d921874

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
15KB

MD5
4c7162fb4b30cd907df4fcfaf3ff5643

SHA1
7efeac9dde632da3b5af8cd8f5ec6e54165e23c2

SHA256
7e26b3e46b926c3a840729d3c3625b63e4d5e30d5a21cba3b971ea071b9f6bc2

SHA512
a90ea44dc70826ca20c025a48225ea19f455fc94fece46ccc3cdd55d91a9c028f1b173f4a9beca89bd80d479148103873f5e2d86b024cc3a3cebbdf1748d047f

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

Filesize
40B

MD5
fd7d9b1f9285b38d2d47f35692c6be83

SHA1
b13b7c65ad5cad09129220e1def1ab6d6bb3386a

SHA256
5b49bbfaeee073f6396b1abb77c47291fb9775994f2072a9a7cdacedaab95861

SHA512
8d48871cf086568d29e61ec5fe2f5458568e91896ee5407ffb33a1f1124bf98b50bcb891cef0d44a9d1faa81c54a65fecc51f25a13133273143427d70e4bf9c0

Download Submit
C:\Users\Admin\Downloads\BasketballSystem.rbxl

Filesize
300KB

MD5
06d111cc061a86644e59e5334eb9fce9

SHA1
766a620258f1d3faa2e892bdd8ac9de325bf7d03

SHA256
0f80d3e0f44568dc1a98b5ecfc222b703033d0f1f749013b3fcd9b998c6a3cb1

SHA512
5a1383868c5fddd2ef823c06cd6d883c6b2d643a48bc4ff9037df9d42449343bc1acf9e8a5cfba93ab9f55e39ea290d3fb2e41fddece4367747c83c4d21c2ebe

Download Submit
C:\Users\Admin\Downloads\BasketballSystem.rbxl

Filesize
300KB

MD5
06d111cc061a86644e59e5334eb9fce9

SHA1
766a620258f1d3faa2e892bdd8ac9de325bf7d03

SHA256
0f80d3e0f44568dc1a98b5ecfc222b703033d0f1f749013b3fcd9b998c6a3cb1

SHA512
5a1383868c5fddd2ef823c06cd6d883c6b2d643a48bc4ff9037df9d42449343bc1acf9e8a5cfba93ab9f55e39ea290d3fb2e41fddece4367747c83c4d21c2ebe

Download Submit
C:\Users\Admin\Downloads\OperaGXSetup.exe

Filesize
3.4MB

MD5
cb0bc08672e5fb7012bf493d8462996f

SHA1
c4bba64a7fef8751653be8671edd325b59700761

SHA256
3a6508fe07842259334bedf06f80d5223834748f0c63fcf89e098c572d2c7ac3

SHA512
a8ba16327f611297d4f4c0844a9973a3967e33c5115a1e52cb3afc238d4002cb059abffb796c3f32eb453bc4073abbba70e8cb0d585bdeef023ae1acd5a341ff

Download Submit
memory/880-2562-0x0000000000A80000-0x000000000103C000-memory.dmp

Filesize
5.7MB

Download
memory/3288-2560-0x0000000001240000-0x00000000017FC000-memory.dmp

Filesize
5.7MB

Download
memory/5104-2556-0x0000000001240000-0x00000000017FC000-memory.dmp

Filesize
5.7MB

Download