hxxps://github[.]com/JumperYT-official/njRAT-Platinum-Edition-RuS

max time kernel
1338s
max time network
1342s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
03/08/2023, 21:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/JumperYT-official/njRAT-Platinum-Edition-RuS

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 3 IoCs

pid	Process
5116	playit-0.9.3-signed.exe
9212	dotNET_Reactor.exe
7424	winrar-x64-623.exe

Drops file in Windows directory 5 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1544	5904	WerFault.exe	200

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133355716126636479"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IntelliForms\FormData\A85DB3B00F8E4C2E6C71ADF6B7791E6E6A = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000dadb3f7dcfb5ec4ead74ad76a77486fb000000000200000000001066000000010000200000006b722bcce5813431590ab2e18ba53b3ab47130918bf273acc7f6b6e4f82df626000000000e8000000002000020000000f8774b47ce7324d68a4e5b6423988f7ba82216669f0971f3e550674829c3f87370000000a5a46a403e4d505cdbaae59e05af1b9c99f7b52cdde5791a563e5b17a697c7d35ae9fa5c2e84ce36b339fba2cbe476d2c6c48022c5dfda0e56954aa4ac925eacf9fee0a16788ab55a863e0ff12c426b51405f7f4c1bce557b6e093a7737dbe2d2b01a2f718fc16888beebd00b80ae1fc4000000030c3c0805df63affae5f5f2ded0427697d0f87e284c388a6e74b81dcd191ccdf33c15098e90c1b9308ccbabca839296d709a0c1f9b238ae8f5f55483599cf497	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{547D9BBC-AAF8-48DA-A244-ECA156BFAF0B} = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0 = 7800310000000000e356374f1100557365727300640009000400efbe724a0b5de356374f2e000000320500000000010000000000000000003a0000000000d705c40055007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000	NjRat Platinum Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\MRUListEx = 00000000ffffffff	NjRat Platinum Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell	NjRat Platinum Edition.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileNextUpdateDate = "397260164"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NjRat Platinum Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif = 01000000e4fbdde4163b213c6609bad049faf714ec13958e0a036929a381db71d921e97d2ced00d93d87a77b08c5d9a283d34a0bf599ad7d8bf4cabb9933	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	NjRat Platinum Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0100000000000000ffffffff	NjRat Platinum Edition.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\0\0	NjRat Platinum Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 01000000020000000300000000000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0\0\0\0 = 8c003100000000000357ebab10004e4a5241542d7e312e37442d0000700009000400efbe0357ebab0357ebab2e00000034b201000000060000000000000000000000000000001dceeb006e006a005200410054002d0030002e00370064002d0050006c006100740069006e0075006d002d00450064006900740069006f006e002d0052007500530000001c000000	NjRat Platinum Edition.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\NextUpdateDate = "397863027"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates\83DA05A9886F7658	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	NjRat Platinum Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "268435456"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = 10e8b53e20c7d901	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1\0\0 = 5000310000000000e3566c5b100041646d696e003c0009000400efbee356374fe3566c5b2e0000009f520100000001000000000000000000000000000000d8aaf700410064006d0069006e00000014000000	NjRat Platinum Edition.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202020202	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-08760 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2393848421-2120571652-2495149697-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdge.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
1856	chrome.exe
1856	chrome.exe
5764	chrome.exe
5764	chrome.exe
5524	chrome.exe
5524	chrome.exe
8468	dw20.exe
8468	dw20.exe
6916	chrome.exe
6916	chrome.exe
3244	chrome.exe
3244	chrome.exe
192	chrome.exe
192	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 4 IoCs

pid	Process
5904	NjRat Platinum Edition.exe
7672	chrome.exe
8368	NjRat Platinum Edition.exe
4964	chrome.exe

Suspicious behavior: MapViewOfSection 6 IoCs

pid	Process
2520	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe

Suspicious use of SendNotifyMessage 51 IoCs

pid	Process
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
1856	chrome.exe
1856	chrome.exe
5524	chrome.exe
5524	chrome.exe
5524	chrome.exe
5524	chrome.exe
5524	chrome.exe
5524	chrome.exe
8368	NjRat Platinum Edition.exe
8368	NjRat Platinum Edition.exe
8368	NjRat Platinum Edition.exe
8368	NjRat Platinum Edition.exe
5812	NjRat Platinum Edition.exe
5812	NjRat Platinum Edition.exe
5812	NjRat Platinum Edition.exe
5812	NjRat Platinum Edition.exe
3412	NjRat Platinum Edition.exe
3412	NjRat Platinum Edition.exe
3412	NjRat Platinum Edition.exe
3012	firefox.exe
3012	firefox.exe
3012	firefox.exe

Suspicious use of SetWindowsHookEx 28 IoCs

pid	Process
5008	MicrosoftEdge.exe
2520	MicrosoftEdgeCP.exe
2568	MicrosoftEdgeCP.exe
2520	MicrosoftEdgeCP.exe
5904	NjRat Platinum Edition.exe
5904	NjRat Platinum Edition.exe
7424	winrar-x64-623.exe
7424	winrar-x64-623.exe
7424	winrar-x64-623.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
7672	chrome.exe
3012	firefox.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1856 wrote to memory of 2696	1856	chrome.exe	69
PID 1856 wrote to memory of 2696	1856	chrome.exe	69
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 4016	1856	chrome.exe	72
PID 1856 wrote to memory of 1360	1856	chrome.exe	74
PID 1856 wrote to memory of 1360	1856	chrome.exe	74
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73
PID 1856 wrote to memory of 4328	1856	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JumperYT-official/njRAT-Platinum-Edition-RuS
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbcc3f9758,0x7ffbcc3f9768,0x7ffbcc3f9778
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1588 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:2
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2040 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1996 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2908 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4660 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:4312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4760 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5112 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5060 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5624 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5480 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5764 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5124 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=772 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1732 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5508 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:4480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5792 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5176 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5096
- C:\Users\Admin\Downloads\playit-0.9.3-signed.exe
  "C:\Users\Admin\Downloads\playit-0.9.3-signed.exe"
  2⤵
  - Executes dropped EXE
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:2172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4980 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5612 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5304 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5572 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6208 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5264 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6460 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6584 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6056 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=3004 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4316 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6368 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7084 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7056 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7040 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6924 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6900 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6768 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=6248 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5320 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=924 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7860 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7628 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=2952 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8188 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=8420 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8032 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=8608 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8016 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8592 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=10248 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=9992 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9952 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9728 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9596 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9560 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=9416 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8576 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8424 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=6768 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=10796 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=10648 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10984 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=11144 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=11168 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8144 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=5016 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=4992 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10788 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=11628 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11948 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=12080 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=11216 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=11308 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=10080 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=10320 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=3672 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:9064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=8884 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:2692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=164 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5700 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=9436 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=6064 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=5316 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=7540 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=6060 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=5820 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=7620 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=4992 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=11624 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=8496 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=8428 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=5516 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=8532 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=6792 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=6412 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=7328 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=7036 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=8876 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=9232 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=10476 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=9236 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=7636 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=7828 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=10800 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11792 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=9144 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=5588 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=7412 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=8044 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6052 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:8300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6520 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:3388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=11836 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=4972 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7624 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:7328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10804 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:7936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6484 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:5976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7708 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:8652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11020 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:8548
- C:\Users\Admin\Downloads\winrar-x64-623.exe
  "C:\Users\Admin\Downloads\winrar-x64-623.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:7424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=4464 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=7428 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=9272 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=11092 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:8936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=11260 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=7368 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=4012 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:7844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10932 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:7672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=7376 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6208 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:6632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6520 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:6844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=7256 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:8568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=12276 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --mojo-platform-channel-handle=7868 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=11140 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=10564 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=4736 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=11604 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --mojo-platform-channel-handle=7964 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --mojo-platform-channel-handle=7864 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=7144 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=8616 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --mojo-platform-channel-handle=10832 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:6720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10772 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:8
  2⤵
  PID:8596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --mojo-platform-channel-handle=9340 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --mojo-platform-channel-handle=7876 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --mojo-platform-channel-handle=5768 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --mojo-platform-channel-handle=9548 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --mojo-platform-channel-handle=10460 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --mojo-platform-channel-handle=2188 --field-trial-handle=1752,i,4417804675634653738,17765630899563837948,131072 /prefetch:1
  2⤵
  PID:1592

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1372

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5008

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:4140

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
PID:2520

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2568

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4168

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:5664

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:9076

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:9164

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:7700

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:6792

C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe
"C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe"
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:5904
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
  "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe" /alignment=512 /QUIET "C:\Users\Admin\AppData\Local\Temp\stub.il" /output:"C:\Users\Admin\Desktop\New Client.exe"
  2⤵
  PID:7352
- C:\Windows\SYSTEM32\cmd.exe
  cmd.exe /C dotNET_Reactor.exe -file "C:\Users\Admin\Desktop\New Client.exe" -admin 0 -shownagscreen 0 -showloadingscreen 0 -targetfile "C:\Users\Admin\Desktop\New Client.exe" -antitamp 1 -compression 1 -control_flow_obfuscation 1 -flow_level 9 -nativeexe 0 -necrobit 1 -necrobit_comp 1 -prejit 0 -incremental_obfuscation 1 -obfuscate_public_types 1 -resourceencryption 1 -stringencryption 1 -antistrong 1
  2⤵
  PID:4544
- - C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\dotNET_Reactor.exe
    dotNET_Reactor.exe -file "C:\Users\Admin\Desktop\New Client.exe" -admin 0 -shownagscreen 0 -showloadingscreen 0 -targetfile "C:\Users\Admin\Desktop\New Client.exe" -antitamp 1 -compression 1 -control_flow_obfuscation 1 -flow_level 9 -nativeexe 0 -necrobit 1 -necrobit_comp 1 -prejit 0 -incremental_obfuscation 1 -obfuscate_public_types 1 -resourceencryption 1 -stringencryption 1 -antistrong 1
    3⤵
    - Executes dropped EXE
    PID:9212
  - - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
      "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\ywbumppo\ywbumppo.cmdline"
      4⤵
      PID:8060
    - - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
        
        C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESD62F.tmp" "c:\Users\Admin\AppData\Local\Temp\CSC65351A2DCACE4B0EB7DD453C2B76E23.TMP"
        5⤵
        
        PID:7784
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe
  dw20.exe -x -s 3584
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8468
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 5904 -s 3012
  2⤵
  - Program crash
  PID:1544

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x320
1⤵
PID:5752

C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\fd30f7ae9382468e912645e5baa9853a /t 8076 /p 7424
1⤵
PID:3932

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" a -i#7zMap4135:78:7zEvent6991 -t7z -sae -- "C:\Users\Admin\Desktop\New Client.7z"
1⤵
PID:6380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SendNotifyMessage
PID:5524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd4,0xd8,0xdc,0xb0,0xe0,0x7ffbcc3f9758,0x7ffbcc3f9768,0x7ffbcc3f9778
  2⤵
  PID:8076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:4816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:2
  2⤵
  PID:7360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:8236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2936 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:6788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4536 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:6440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:7788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4724 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3692 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:8036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5048 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3248 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5244 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5272 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5632 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:3056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5760 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:8
  2⤵
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5844 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5428 --field-trial-handle=1712,i,6316932958756203723,13005902596306922535,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6916

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5456

C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe
"C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SendNotifyMessage
PID:8368

C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe
"C:\Users\Admin\Desktop\njRAT-Platinum-Edition-RuS-main\njRAT-0.7d-Platinum-Edition-RuS\NjRat Platinum Edition.exe"
1⤵
- Suspicious use of SendNotifyMessage
PID:5812

C:\Users\Admin\Desktop\NjRat Platinum Edition.exe
"C:\Users\Admin\Desktop\NjRat Platinum Edition.exe"
1⤵
- Suspicious use of SendNotifyMessage
PID:3412

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
PID:3244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffbcc3f9758,0x7ffbcc3f9768,0x7ffbcc3f9778
  2⤵
  PID:2420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2080 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1788 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:7844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2952 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:1
  2⤵
  PID:5728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:2
  2⤵
  PID:8404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4460 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:1
  2⤵
  PID:7384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3616 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4720 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:7336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4680 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:1
  2⤵
  PID:852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4576 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:1
  2⤵
  PID:7132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4640 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5344 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:8
  2⤵
  PID:7920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1076 --field-trial-handle=1832,i,3480022354325122579,6006319351043517386,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:192

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4304

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:1964
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3012
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3012.0.1614811167\242709021" -parentBuildID 20221007134813 -prefsHandle 1612 -prefMapHandle 1592 -prefsLen 20936 -prefMapSize 232675 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ad1c28b5-a0dd-4a74-9c90-475f57ceb811} 3012 "\\.\pipe\gecko-crash-server-pipe.3012" 1692 20ae8cd0a58 gpu
    3⤵
    PID:7324
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3012.1.1532181384\1461513160" -parentBuildID 20221007134813 -prefsHandle 2060 -prefMapHandle 2056 -prefsLen 21017 -prefMapSize 232675 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8aa9ef2a-36f6-45d3-842f-491beca945b1} 3012 "\\.\pipe\gecko-crash-server-pipe.3012" 2072 20ae8639e58 socket
    3⤵
    PID:5992
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3012.2.2048952360\1049506282" -childID 1 -isForBrowser -prefsHandle 2872 -prefMapHandle 2756 -prefsLen 21120 -prefMapSize 232675 -jsInitHandle 1200 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ba57a376-0f6d-4dcd-8de3-c2673f5088cd} 3012 "\\.\pipe\gecko-crash-server-pipe.3012" 2740 20aecab4b58 tab
    3⤵
    PID:8912
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3012.3.1957784732\852760510" -childID 2 -isForBrowser -prefsHandle 3580 -prefMapHandle 3576 -prefsLen 26480 -prefMapSize 232675 -jsInitHandle 1200 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a828bd49-7d75-4412-8c39-be5799606a13} 3012 "\\.\pipe\gecko-crash-server-pipe.3012" 2768 20ade361f58 tab
    3⤵
    PID:4512
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3012.4.2046635393\76122509" -childID 3 -isForBrowser -prefsHandle 3748 -prefMapHandle 3744 -prefsLen 26480 -prefMapSize 232675 -jsInitHandle 1200 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a41ca9ee-b080-4f40-961a-4b8185bf071c} 3012 "\\.\pipe\gecko-crash-server-pipe.3012" 3600 20aedb3d058 tab
    3⤵
    PID:6576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157

Filesize
4KB

MD5
f7dcb24540769805e5bb30d193944dce

SHA1
e26c583c562293356794937d9e2e6155d15449ee

SHA256
6b88c6ac55bbd6fea0ebe5a760d1ad2cfce251c59d0151a1400701cb927e36ea

SHA512
cb5ad678b0ef642bf492f32079fe77e8be20c02de267f04b545df346b25f3e4eb98bb568c4c2c483bb88f7d1826863cb515b570d620766e52476c8ee2931ea94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
672e2496079338ae3b6fbff1e5c551cd

SHA1
7a80beb8249bf9586904c5aca6722803fc277d91

SHA256
35ddb3d0af46cf26604b54a7693f3b0b477499eb3ad772834f9b9cfcaef6ca16

SHA512
2a964301b91d07c35d2e6028d0056bf38d4bc597c523105064064641991aea095d56be33adc760999f28456dd507dd5a565322ecffc1f02b0a616b3140bd8fba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
54KB

MD5
6a277608c311a86bc4aa4c807f89c708

SHA1
5a88c8402379ee0bbff8443dedc447dd02911f6c

SHA256
deafed0e61048aca0ccff066c0c3c2e246045262e19127406bd301dcf1446783

SHA512
66c15eb3078b0b7e2e39ddd8475f591313721b794f0b774f8f3b0e9544388c3656985b31eea99d14087d1b74f21e80b0ee81b4d8a64b7acfd6cf34a4d4eba1ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
39KB

MD5
500ecdda9ad3e919a1f41c1588266a1b

SHA1
d5ddf92dc08284a48701a4d3555590bda05f77e0

SHA256
caad3feace9086d27e006d538d2daf4dd50e2b33307232a7db6d5f8c48f73b37

SHA512
5e47a0d0721ec0f9adb5a439ffc98c1b4da780e74270332313f8350f228bdb919d32c4812c6ede84ebae3ead1342c2eaf4c73f4dfca5a87e8887e1b5913c0d9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
20KB

MD5
eb10db7dd8f95867a80d9f039b60e515

SHA1
85fa59d762b93963a4bd849cf744b949fd92092c

SHA256
6eb792397b610366288be96c856024ed5ab2776ae5d9f917811c0fc7ed236ffb

SHA512
b191929caf80fa063acb08854f692490c28044cc87da81e415dea853443dd4de0ebd684fcf5852363f09f09e14c0910db54b67099defb232bacf3addf0ae3ada

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
27KB

MD5
b5303c458b0c8434aae2857517198bfc

SHA1
14d23d4ae588d0926ede0cc6b67762fd98a801d6

SHA256
f3e21bc2d40bd55d102f896016bd84b4664de41a2f62a5405975a206b8082863

SHA512
3075730223d16a0c9f46e80566e0ece2fd38f1145ad17f8cf0c12b274321e206ff2efe5fafbe6314c4543720f608d0ce86399bcee67233e4771407245dc0df7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
42KB

MD5
229294aae46bddcab5cbe6e6fd182186

SHA1
59fe76207f13ce0c5488ff6f8c40cbc84116d3e7

SHA256
448b01d4629c8af3d16875463ee708bdb149840541e9b422cc8a7c7b5b021225

SHA512
c2766ec4bb7911ee6e5583694f5bd9cc3452403fb47e86d662506e452d8ead000252f850db6eedbb5fca8c201a467a0d8d01f2568305fd7e5600531019efc4ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
48KB

MD5
796a402142bfb2967ad1555dd62808a6

SHA1
c94257e5031ee8a159e961316e340a181541bf4e

SHA256
ffa1516d5a18eb1f995bff33b0c465d2e716dfac1eaf2460e1d92427d7d66a21

SHA512
db13ab79d34cbfbf0fa7543422dc2c06f76ee798c2157aedf8539eefa81a5f524419bccc5c9ef2579385ec5b504bd61fbdb451993bcee03adfd2c1bf3836a672

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
151KB

MD5
be4dccbe54eea47a0ad5d7bb60a3c17d

SHA1
1979128e8ba1517d85f5e4ee505abf486c51557c

SHA256
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

SHA512
7f7b2964cbeca667d4c26a208be85ab5cb77bb0817318fa3b9045643475ad50b0686427f71588ce52f340df9d030a979b12282da36d9cecd02e86962ff21741f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
83KB

MD5
4c6f45f7986a37897373f4abce4dbf6f

SHA1
f570647e80e1752cca22c8e63872432f0d0cb65b

SHA256
08252a3646823f832f210f476417b9e270eb9ca0f1d4500a64d1d1a21c9a5e37

SHA512
6e6a16d66ba4398cbd873e760cdf2866bf27821274478acd3d1a6ed02226fe65148d86639c51f224f6337a364505a38f3e63abfd51726701a83370137a6336d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
56KB

MD5
0e626f346dec0afc5f5942add273c716

SHA1
f9d2216432672272d09773ad16e10fe035b3f82a

SHA256
4aa5ebb91b8d894568797aa851b2f65c4d23e40533f77a2907dc2b5afd38e0f0

SHA512
1290e68643208af9fced47b5d216b6e596d252d7bb4757fe2b55d163077886afbc5f47cd6207f50ccd2962b72bdde2be2ef1bc3d18c44e12158785b43de952b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

Filesize
321KB

MD5
bbdc7fcfc8a3a695116b649bd7d0522a

SHA1
769412174a87b30ef15f10d78e1281b02f97fd50

SHA256
e3b2349718c882e700db1bc4637c378de088f5d58127acf22e665523c221c0bd

SHA512
9804ebdf7d710ada32b7802af73a82eb2d8d8055fa17b007cca3beff2ecbddd25838d34d514b99ba190e49853c6bf009c73d104e38cfe84e121a78ea6a4a4e9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
84KB

MD5
95e2c908365f149a02dfbf5e1c69cc9c

SHA1
6619dfb8fd331774f608766af9fa846056dd431a

SHA256
c078c48e578a710ef6998f6ff066affa28810072f1074874c81111cb4c1d7f79

SHA512
b8837aa5f0f1055f42f2abf218bbcd8010abdd44f646a4f0d52b5c3f82d1b2f6e63e56971ac874fdc54530ebc78d6363efc7710223f3223f93547a53d1118819

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

Filesize
70KB

MD5
ee6d2175eebfe377461a2b7360c4e534

SHA1
90af93e3a805a4cec4ec30aa72c08ca72304ebd4

SHA256
a539614a5ea7aa4dcfe5f892e94903d8f4b2bb8112fb7ed1039b1f02a816b038

SHA512
bbac1b67327c9ec8148a5e963e89a7d5cab536f8e265d5c92f96facb8cefb59ac84b674dea03474c5add713ed7d1e9c7def2437e18cbd80f1556be9d862f93cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096

Filesize
20KB

MD5
a0b40d80a0d1842f93e69e036aa18757

SHA1
4b8770bd63a1662c00a1876242d82337af4c886a

SHA256
d30cbff26c91c837cf8844282514512bf3d2ecc5f3f5232af3df6d7fa5aee9db

SHA512
881156dc6b2a9e76cd1a4700070ec9efa6b3540a1b3dbf4b3e1820606ba349cac42a19dd0456e2bbc5ba30e5b8096912316e69f8dde37f13c3e4a9bc2a18b11b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099

Filesize
20KB

MD5
202f69cf7ab3e007860faba8525b1e5d

SHA1
c12431dc37c2c23112a1b87874fd03b49a549441

SHA256
bd5c96c11152ee9b3ba10ae302b8407c13f070cb0746bb42e6ef68ebbc34112c

SHA512
eddcf28fc8b5ed58f18202b7cdb962507296fa55a2723915221cd55e3cd0f2bbc3f512cdc00638485c12cb4e58a1abb6b3752ef9a2b830a9dd675c9b29dd6ecf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ba

Filesize
46KB

MD5
e0dd462b9b525ca7cd27c2526906f8ef

SHA1
f797724e51496317181653176f337ea99dcece95

SHA256
2af7b7b26a6a3fa680f783c8d33ee6b3d6e6b593e28dc2f114921c6f4f726831

SHA512
553ff26206459f0182cd371f7ed50a17d4db03443c1e905df40281ee9db5979416f55200fa22f0e6c6ff977b18bb0af77fdd46061b36d80815711149682db455

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bf

Filesize
107KB

MD5
0236f3c953c34726306c3711624e9f86

SHA1
5c3ab25b16233321a50fc7d04c327c4e18e2bc63

SHA256
7220145f689df7d8173d711e86a2b789e8bf8b97d41d82ee82248d314983279a

SHA512
6b2b2c1fea724ac517f9dc988afd957ee84b0950e607e4668c0d302c5b95e2f1e7cd685773e4462d6aa1642f38841fe347713fad7f4cac573efb79677a93caaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000da

Filesize
62KB

MD5
4704300915059ecccabf176f6b85542f

SHA1
4e00247f3a5e0fd52db0a09d3bf10489049bf173

SHA256
2769ce27b57e3ab97aa1e804e953f06cf8a33f1a6cbdf2126a057c13244f357f

SHA512
c08f8ad62a24c26b4720e0a3b1756ab066c861a0718e7e74be73e188f51d6ef7bf5fdd658ebee84d209076838ca16eed4c48c2d7195b2d4c2c8b30d0f77b3a69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000df

Filesize
22KB

MD5
23e938eaa32c3065bd9b68f1e74e11d8

SHA1
c380f9fc73ee37301c932ffe79b5c0e529843926

SHA256
ac5b322714aa9377fe5b9616c333a545b519cce07a78181cd5ff67d33468e5bb

SHA512
1ae69e63d064c6990d12c6fb6e8388f039883118145fe22b02f5cf0a786d3cd0c64d125f16f0b2929fbbb3541708d57a5046750127d01e0195d4bea46a9ca784

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e0

Filesize
19KB

MD5
121ca295011b9ebce31a49a9bc3abc73

SHA1
e44ab53bacb4be8126f82c8678d631d837bd37df

SHA256
5e8b7c062c46551b894be057f58950340f2ebce8b37e832a1c2cf35e120e8b0e

SHA512
cd9dc0cc4f9d13c732e3179afef14d2074f9b284cdcfd2f6bf3c4abff7cc10eec396792119083d21a1e726b829f3b67808ca8a8e6157b1c384d89aab9da29482

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1

Filesize
27KB

MD5
3038286f41a73e7b13eec19905cde54f

SHA1
602d8b2c063c715a3e80e71cadd68d7482fcb2bd

SHA256
baf1cd7defee35dae21b40ebee53d73d4745f258e90edf11a016d2298a2c7bed

SHA512
62e9efcb34f3365f8288a557ae6fcb95d723ec21c08eb9b84263cf9969bbd101f60b77f7937efedc92765a898b54f94809fd06f1dfbb63c398b042e0bc7422bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e2

Filesize
18KB

MD5
46a39664e6800decf5db368c759dac45

SHA1
8c8bdc7935e24bf91081a9f7ab37c32822760553

SHA256
4dcd89646712fb2a500108786ee62396c5337d9cedf44dec50054b9ebdc88f42

SHA512
0d3c6d5b92874fec54483ed518beebbac8b8e9404877aa287934d4bc2946b08dd2762dcc4f5bc83e6faf21cccaa8e02300ef66b9b2e931932613bbcbd417e3f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e3

Filesize
24KB

MD5
056137b2e6285ddcf5d4a6d059e31d97

SHA1
9af8f0a203ea984ec6ec8f95e0dd0bf798132ba9

SHA256
62bfc092b443caf93f01c78cf36bd83f475e211560be25d6744f34741a578242

SHA512
9a55c8572785a0228c438a18c73537e1df7fc23972b5f2ebaa620c299f91e1f25ebd6fb6a7a20d30c5d75cafcdee990f167492f8c8e230b50532489e419c118c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e4

Filesize
22KB

MD5
3315c6aff2cfb1932c5e4e9936e3d618

SHA1
cd9527b973e19e4446211a23e0a4a79528f4731d

SHA256
649864358e1385f4745a8ac930570933599cbf93019a8afc4eae6c7f8900629e

SHA512
ed6edbfe951f45dd2237da27f76293c6c2df0bab4a5c61d148f2786ace0e21ea8deba31402ff4bfbd17bdded67fa0bcd4cea502a15eed637d33444032c168735

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e5

Filesize
33KB

MD5
fe63bed79245c4357756eb035a809087

SHA1
3a5f4a5aa857bd4c8ffec424d3514b927352df4d

SHA256
bf289adf68f7aa0f8cf03b29660a57f66d46a74c4f63f462d53a04add2f7dde0

SHA512
88e34d0f18640c07d4f432998cc324b541f1bd66001d55eba073dfbcb9ec5ba6a108583c8f17fd5de3af36d468135f586f835ae22015bcf1daca8c2bc10737d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000108

Filesize
173KB

MD5
d3d1aff7a71e5f6f4537a0b3cbbd5c23

SHA1
82bbaa35980290986094ec5b2f33da17fe0e1ca8

SHA256
d3ac13e9bebf6119830ea38adf6715f42a193e7cc5834087abcd77bec3c07291

SHA512
9f5a8f657438a49e2b60db1372ced7edca4ca714efc63ff8791ff232d4252178b5a148a02b049f279007f095e7ac5b649367a2fb3dbffa14b39b637f1d30d42b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\110ddd7187ea35aa_0

Filesize
253B

MD5
9edabdc3618299e0f321bedd6003fbf6

SHA1
1e7d9fada81a2dcfcdc9bd91ff90edb47bc995d0

SHA256
5e5c3698730a3024ea1e6c8b5dae8d9f496fed455ee480e6c12517c18ce48a3b

SHA512
cb89befa8861b13561c419add6824477896e62a05083e1cdd55686c170d45060f5b21382a3f1618b094b654c72acce6e18e3b99d0807967d24aa4c0eee52b556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\110ddd7187ea35aa_0

Filesize
5KB

MD5
c0a11d100eab01d36966eafdee801fd9

SHA1
ff7878685f1da021493d694ba8735e4a599c0407

SHA256
c6db79af56591399e208326035bc7adb62cae017885717c6dc2a59a2b3270263

SHA512
1859a851ea5e276b510037194613bb207a3a214137d4d8d40cf04f144cb94d3c2938a820558e0f996ae6021e6a9ed841e4e7d13f071b814a885a0a17f5df6677

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1cdae0c7f6f135fc_0

Filesize
31KB

MD5
4ec7bacc0e1dd810ec97611a9b117cc7

SHA1
55579e267ad6189a0ab03da5a33933c565f74d6b

SHA256
6859b9005cbcd05772a47c888bb8144f2deb02ce2a1c38e1b5bafe583dd143c9

SHA512
ebbf28924af89d2612ba502da26867e23c97060c482df137aa0f967c0af05f97ddd8e2563228b62fef69669ae3d0c4ea578e06afef7252f588da7ceb939b6ad2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a54786193aee5b43_0

Filesize
290B

MD5
302b933d1bf1f90467959692a7e5b214

SHA1
e4e4706f0c9ae85e85ed303c264ca2935b12fd33

SHA256
69b5237745f70e5679c80d7232fcf710102fb9956248de0f9d66fc5209993704

SHA512
afab5b900c28a76b916316e55457dd15fa947457fb318b1388a6431b36ededdac43a920d20c97e2bd8cc464404774496724f0d5a087377b58fa0291862b0d7df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
b2b2a53579db5fd955b6833975818412

SHA1
730f62d11ab1aa604ec1adaea54f2b1fc7b16ea3

SHA256
4bde23a013d66d1d43898988c15275c4458783f1abcccaae84288480e3eab745

SHA512
13f6deb0678296ce72e80c0d2f4e47fb45f888b1733c5e052a4d9586c58649aeaec018d0df9bd25da4004ac073420174e6355c9503f55a3bec8cb5426135d787

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
cfaffe38ae7eb0792fec0635404af6f6

SHA1
005d3af9fc908042aeccde114a5665076661381e

SHA256
3a568943e33fc26491739e7bc71328e4f3865daae88d140257bae7901b21bcb2

SHA512
7d0f691b0c14baa5a385320a6c9c9bfdc411d2c17e7414efd69743d7b1646a1b675c978d57d6747565c7e4ba6a6fd5d8fa2dc1ea5d389525a53f26889c78922d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f180e88106683a0aacf66bc3e870e51b

SHA1
34b33acd5e78b94ec6f4630329cbaf4a9581e893

SHA256
621dccee0cd20ce23d08f20893c0b5569fde9aef229550291455d4ad7b09bde9

SHA512
f74c85374d893df8489536a0c11a377f2d4cf266a2128da6da2b77937cc0952ab22bd8e58d08ad8ca09eaab4cfd5fce692f7305f87264987628095f76127950d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
b31da48497cb966f0319cfa05a554a3d

SHA1
39ae5ea622241005561af214cd0e2c953e2bf2a5

SHA256
25f0b7647be7ad4593de1d660270afaf590129aa21f1e21ef8abe1d9ff033571

SHA512
4b00ea7e904c8364e501fb0deea5f6e5c585070dd59599ff8f4818d8be0a3b377d71b0f01a27891bb55179be79d24360811af9ab42659af07272bd4c6282b117

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
ae0aaee4a204dd1809b1732d0e6afdb7

SHA1
ab31d1b06efd63208f51f31ed85cbd58ebbbfa95

SHA256
71ab9a7c3ec5f1f712657c8e7100262ff1faf0e4f6163ec16dd435cd1a9c4579

SHA512
be6a2221cd2a4266b47fb03b413404e266947cf7405a36ade6fbcb61a49d9d7a6ee26521b31c002203c5e41c62474692c3c9b72f51d2f9c1213fd8a2709ad95e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
d82d05e8944451538d6f85ad6a397212

SHA1
bf68c3edc79c8b81818550d44e288e423e8396da

SHA256
47e8437fbeb7a91bdb71c87b62ea81eb41ede4aee9594db9784b68a6b55f6d6c

SHA512
dd1eecd5ebb6f303835c76d485f26e72b54916822e81e0bed42eaf2df60fd30aec3557a70908c13d882725b32d2ab60a95571a2358dc307d25b41c01af57d569

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
ce76baa4171ae150337a9d27b58abf1f

SHA1
c0f38c6fc9a435ea4d42681e0b05d157574c5817

SHA256
ff332c62e1f762210adc7118707380951534f45c3b1714ec64d856ebd628a7d5

SHA512
7c3780019c10f4596023b07a5fbec6f52b74d6bca1202f664269ef5f9f3e805dacca762f54b4c03555aa25a73ff141cad04d66dee61830136611a4e4b0778982

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
d2c1edb667d10d1b5d09a3a13d15d1b7

SHA1
bec7ad1b5595c1b96f245f9ccefc0fbad4b860bc

SHA256
e3f9afe22204bf392ba7dde7b9d781886ccc5784cbfc157c39a736c41b2c6f82

SHA512
f24ffc9aebf1b85763ab43879d28bb2c02a976cf12fc93664731d6af8a8d58475fed5850b0ea5a132c4757cc641d5e1a857aa38aa095acfce324915af7b8dd86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
a18b5568dbbe131f40e6d000dd7b8e22

SHA1
095993ffe2f81cae81fbccb37b331c43481c264f

SHA256
e314dea00bfbd0a4d8ebd7dd5cb16d6eaddd1be5000a70f18ab0109bda752e31

SHA512
dabe879cec1e4615abcf1c1b076faf99096e942bdb0365f31c435fb10a276d502bf90fb4a61d263ece51999e56252413b8bc9f87aea465e05b3d2fb0a43ea8db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
33610d5748d1336bc3ffb8b1179d0b8c

SHA1
58a9c331e33a8a3cf48371a7b52cbf50e0247c24

SHA256
1cc11f785fbdb146b21818cfa109ca3a278129de2ed51e18ba4ad6c4e9fdc10c

SHA512
38f68dbf5d05066651a95a8a86b02d9438db14e633a095a211f0565d5c071848df3108e3327c9a9218f59a6d1cb2560f9b02cbdbc1d21f35e2def8757c1798ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
471f13f48fa34e361807cb488c584d6d

SHA1
4db1f7285192bf50f2a04f9a5c593be0bdee7a8c

SHA256
52ef9239148b5953723776693123c9d4457c98fd162158c2138863fd576bbb7c

SHA512
bf2ff2290be067762b07b9e7287b8879e1fe1ad7cc65518958fdebb667b91de006a64e60e42b62dc7c5a68aca9a4820a727d3510514dd7b6f216cf1d5cc83531

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
1eb78f9ff2f50bd965ec37be3fc67298

SHA1
972cccbeb766b7746fe77afb101ae5831676a8be

SHA256
193bae50d78dd0ec7d2e3a6fe5dcd5e3ad367c77201ed03218a4cdb279686ce9

SHA512
89e99669635a7693647f8b98656b8d2e5e8d3a0e8836ab95af87e702e8ab7f1841bd3ee56885edc3261b4846dd32da166ed4cbc9c2e31793737963838abecd5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
58bb901a65247637f7a6c6cc06531a14

SHA1
f3be4b79ec8d994024ff897f9933ee7463e9bcdb

SHA256
74c08ff8ccd9216c40498f134f0208a734d500ab8fc35f2d0e2795e2dc0e8682

SHA512
1ce63083ff242b46cb182072688f6f37666cf4fda18096ab48f18e4a84703ca90d8b56645de34a544fdce9656fc45620a5e54d129dcd42bb496e36f0d63374b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_nordlocker.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
2879a64f6ea87b5224669e7fb1bf07f1

SHA1
5090f0c872d2e07cba3e4256e0b52395db25c2f5

SHA256
2e5cdbcc9b5480840fea141ccc2eac44e5748ff32f45eb1cd2d23e60d15abc66

SHA512
657595d841dbb654cee6a7788e309c27e1f454c08dd3ebd0d67a899cb73546ebedc01b8c39f50960f91bbaf7ebac58a7de78b1360d90ee0dacb78e29c022e8d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
6c682b4e8fba5aca3b61e21567bf9839

SHA1
bfb18a839f5122c0a62caa2fc09f0755422dd615

SHA256
28b0497c5018b0ab76515ebfd795f32004b0aae55abea7c61bec1f96c9079db2

SHA512
5cb2a09b560d0fe4e8624d7ec37a452a76cc99e3722eae8ac72da9bca82603f80d0d7b627d1025b619f8b5f2fe66b10e180d8159c0c81a762fe26344d66de923

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
12KB

MD5
36cc0f1d47d276420d5a59039c8386e2

SHA1
6cf67cd4cf6fb9caa5515bf9b51429374991d373

SHA256
d9aef3b9193795c6d5eda303096de1ecc21f0929d1b8ed1a8ef0878ac5b8b816

SHA512
ad20259144a32974dd80d92500ab557db800d8edeaec506592d7b5d3a3cafd090fa77aa7336791b370bd669e4e8c3d2b3a91afd628acf70e621b7fc59ffdd905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
886e9e91e80e8576cf78f20ffa254bf2

SHA1
91708a86662f7ba4421c73d181c316fa6bd42656

SHA256
169709102e990fb8daf2e67ce11636e1f2c1b43aa2de6f96203da88e1446c054

SHA512
91d92122f04ff9e72c2807ea6a34e78d993954d74e7e1ea7a8f11db88aa7643aee118a9fade943ada52fa8fd7194b9bc419cab47efb50c998a40f6c47c304749

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
21KB

MD5
6aa54288cdc6bc73e7610ed60de5bf44

SHA1
c492441719a5edeee2e8b389764afceaeba255f0

SHA256
ed0099f78a2161f3de6579e6e389172ad50e6ffb60ce1abfe9227d7437df9277

SHA512
a7e5355f905b46dfea831a4567ae9af6c04ebccb1366c170ceb58c2728549c5923a1c6610d3bc6f1827b91a0c387ede46f441f5a4ace8a31d81cf14ea3ab8703

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
8c0849292981c8ffb1c96a3cc997c43d

SHA1
60517b6f9fab91161f76d2be80cf361acee294e8

SHA256
8b4d69150fb1b1043e7fefebb8dfc27d2e190a06943cb8c6b05a1bf2e4b72241

SHA512
a19643a26de47b357ae708b302d17f46f324ee7ba052dbe52824203bf28ec1c774bdd0a7006159e279a2d725739356d4cd99fe7b21afa7c17bbc963dbcfcc7be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
26KB

MD5
792cda5f338de909289c45e6802945ed

SHA1
9147575425bb13c1b975174b30e79fc3eed56e00

SHA256
4ac6f7001477d2ba7d2909cd384c5a1c308a1ead84b4d55c175ee4156619775e

SHA512
56765117d179a2baa120ad3722b23d97b6af49ffdb95525c51e9968260f6a7e85a0dffaa6dffc734ef052c8ceedada9a5f5369c5972a293af64672d1a53f3df6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
19KB

MD5
df389945a5226bfc3c6ae41d0ffb7ffa

SHA1
4855ea4dec9c46c790c48a16a80b72cab97bfa89

SHA256
26d134f38c813d028429096ef73843aa78c2e111e3295c38416494f7d6236164

SHA512
85feeea8e162e0ecc929ae6a9b6f24df54ea2f60d4bb31a67efc4f19dceb4236cd5dff0848505412932e59490b81c6215faed4fb1b36060d51f6eaeffe5a0d4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
ceb6855bb773114709d3041966e23040

SHA1
881abc14bb6c7867663cf68f4e1e80ba12b60bac

SHA256
9be0085402e6c0d0fa371b984ee152314e1b2787098eefcdd724936cf1cc2b35

SHA512
36b66a83a9e5a8881201a0180b1bbd53988995dd23c255a22a40d53e584a0252156b872957dd196b7687e4cacd0b92b585eac5583252e96361dab89c2c4a1aec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
756a43f667126a3394ea91ddaf0c123f

SHA1
fbe791adc856a09dea9db861790be74e27fdab6e

SHA256
89b1f6febec9138b64b7079633ddade90fa069828b7c7deed9e465f70689638c

SHA512
d0b1bbe73e6dd4e7b13b362476a872b2b2395cdf315ec6a88f62031d0a35ff743dcc0b9909a0d90b51750a38d3fcff3ade76ca9f43f10ba93beada80c7255b0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
22829b27f02ce9c26d882005fb49ead1

SHA1
81f80c17c06f0773c99c35ad6f845b67e9dedc10

SHA256
c5266fd8f17f375fc636d1d498572ea8f547ecba1b8d691e0134cff09e1f1907

SHA512
27606678687468286bba817dac82dc8160b64a57cb586a9b5b734f89383241e5dcd9e4f20c37d51102816f3f7bc66c4559a2b8f563b15814cbb81ad45a3716f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
4f589204c90e765ae9dd85205434f107

SHA1
9306a2e826e26ace27ee84d80de15543cffddc71

SHA256
1e6841b1556bda90f3dba684788753c4c15ad3a6645be9ed32428f7bd5a86721

SHA512
cd401d9b51860872e6d32734de3b98ec90fea462a599da972852d54844be26b5c2f9e7ded6c6604ba25d67722724b83c6a349cf577cfd1e9c39b9e70d75b7260

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
cfbe166ff1e1a2c27712113d397fd356

SHA1
498313210bfd6505adeba26a8fcbfa4b58888c5c

SHA256
cb796b601ab1bf71435c7d4d9524845b030de65b5ece9b3509db65d351ac517c

SHA512
a07ec74c9d0b7709d442e974b1314d18fe5e6aab65654f69160d8c8e22f73a8497b32637caf3d311936f90f1e72faafa536f7841eab3b66365c1a55fdd3dca76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
891e455c3325f6d00af990792aa21ea0

SHA1
ea18cdadcb416afadbfe2326e74ac22e6c7441c0

SHA256
8a9d8cfc855963d84aea6e95cdde3c3b6fb38afe5311f41803f954b54248c3bd

SHA512
a913f930ff23de07876a963b7cceb45ef21846eb7626aa70f689f7d5c4eef0ea28ae1f0be6a216e3f064903f39a72b997d7451257a947ffd375066333984e308

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
6f83f8bf58ca427cadaedfc8925a8cb4

SHA1
b24271c56b4933aa2d65933d0889a5c39867872f

SHA256
7cc6f5e2cee3171bc22fe7a933861e336e291273737e0f39b55eaf9418f37009

SHA512
e052997a96bfcede975b8f56bca1bdda46e944de1fba6b5ef7c493ce3a3dcf65bab8700efe110072c9a5a96a9145517cd442a9adacbd30b0891689848aecdc21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
091f325bbf568132feb9ba998e56198d

SHA1
c6df77ee264276c8f347716225732bfdab20ae67

SHA256
a70c7d710da1619e114e0ab9328cc0d9b9fcbb9d915fb7e6bd7d47991a8fc7c2

SHA512
3bd3866e479ceee2efc9aba98a996a2ce640fef6683781055652f82e0a4c5806a0873609595623a3d4575102a36f88f7ca6ed321f692c34ab0daea537d6651c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
dfc51a9e1a5d53eef35dfddc35d212b0

SHA1
f0474b9560214280cf7987da302593823f61a27a

SHA256
785d680984aad2e4dc294e06f5726fe443ad7cb118c113ca5172289af4f905dd

SHA512
038525c5ffa9695f1c90db0f5a37202ea433b38ab608b5bb2ae4e2e04587e868e27f4ab9be6e8b65fdc1c164146013eb85c4ff4bf5286b06cf02f308154db5f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
a59a7772224a3d664e135730b32c2357

SHA1
00d798a32268212768c91200d286d2d99e4bf810

SHA256
545325e9a8f224150b8d6be4b1a48edfe104d1472929f1a2fff20827e95d1a0b

SHA512
46d0918bb4d7f10a030eed0767d56f23a517ca6f7832fb263191c4d40c1032b168e2dae5f185a6e69e7774ec8dedef2e8921b39d11fae6f989fae3a59a963ba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
6bae57e4f7090806f014b31d9d9702db

SHA1
8a80b1d98c058958f44aba65ec306d5ca062be40

SHA256
c7fb1a79eea956e138bd6961545d6c6fd5926ff5a825dff3153785852eaf1efe

SHA512
df66008b89d1c95cf7821fbe974ce0a6d6caba4a8b00b19a6061ae6907d903f2cb49e86e1ad297fc5121de27162a14cfcb41f461157811742ee7afca2c7b8df0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
34873662a2d462a695b9d5cfc9f52065

SHA1
35209197efaae454c08e7483abead366c54acf3b

SHA256
1d18afd7783017bbb2f83361bae28fdb4aa0285d87944a071bfd8b3743d6bb26

SHA512
97aa7fe19be9515fb0de523caa2d3cb35089073095e5a1cb62c397e8660284210e7c4b4a43519149363fc244791fdca5b97756ab7f4580a9396e2bdcd37130e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
d161b35d8d9757c52d439fe4c949ae28

SHA1
e5012ddfb2df71c326bfc3c5348f150fa2fef0b9

SHA256
0c4cab1d7276ac26646a7ff823e9e352e68ae41c2a2a30957035171ff94f8904

SHA512
1b50db54e99ede3d7e25b8c7c4bf8fad71bffb3372eca606553fc5adbc23b6a723832eef3d74ef1c2bcfb142a88f04ede73f4d09057415566767b4220b9f2c09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
e7863efa38ec14e93aa9fb819e14c6a4

SHA1
2295f644db43205f3f41860cc12ce6d413c31d05

SHA256
90748b3a522d50016ec94b655c944d51b0e7468ab5e1e7028e475e43cc8210d2

SHA512
14776baa65f2af5f580e873d9be4f7cf772ddf5bd9919ff2af5905c397817d3e9abd7a9f66cb9f0c80a60f93902720a0a0098a9c10ed01a0527006e39d501b51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
2fce185d5300ceed5f570bd88ad138bf

SHA1
225ce6f944fa175de3d388a23df622965e57d520

SHA256
3443b258d285e8c7bdf625917920c9184cb0e8ccde2afad1f2f39b013f70d291

SHA512
a6bee0ac499cde193b1892b53781fac7124146a874ffff2b8e50ccc39652e125b8570e10199543d4d80ad1d0839efd53aeb027275eef3e6a3f329a09764d5c00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
cf94b64eb8062711196c07a82c0452f8

SHA1
a489dff2625c67804dddb6dbea72e64ac5d1c654

SHA256
b44fa04c7ebf59d096b6add192918c2554c46855d0cab00a245a83a911270f43

SHA512
093f8bbd1d266e6b2f16bd7e07fabee11a6bdb3b4121b9c8fa0ce9da63797126413260444d1587c019f5516bdf2abd54947ce04ace60cad1410dec4f2a941b3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
13KB

MD5
d55c93de52f6196104d17ff5d9c10d5c

SHA1
48579857e7fc0d3b85a2da295d4e5afe7e731279

SHA256
eeaa2511bd0efdc689ef063806e64f48459431b18fb9f724960e7c2c62088bc5

SHA512
a6796dff9d20a4045e8c94ebcb9c60d77a1e43497f7027f9e0b4bf4dde285d00aea00a5d37ad8302ac4c7d02f14a000229aa259eb82da95e2846fc7fb9610ea5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
63551d172697d963d1ece9b0e6c31ffc

SHA1
ec1d3c7e710254c7749ac68972ec24191702a295

SHA256
1555fa532b94f98a7fe48cabb7f67b088eeba93afbc24c7e794ec3f20968b918

SHA512
e2195e2b24b8d6c38c79e90122a1cc414780f4858565044150edec32a363bb0ccb01f3a83e87cea0f272d14a9c1a09a63104b709ffa57a2dd1e7b872e63d02b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
415a954c07af0e2c1e9ee2315a54970e

SHA1
9f74487ab596ffa232899ff9aafd0dec60894134

SHA256
d727e602c0ede557f5f2f439ec7342d21291a3479caeab5b0aa8d13a7f8d9429

SHA512
fcd96200c044b3bd881957a6e11ad43541bf17bdf5dbacb5ba1ef905741c0cf3800245639cad744b0cced8e3047fbec8f28a63092143dc510683aaf61ddab5bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
d8fcc54ec0a3016fe2fe8cdf0a609eee

SHA1
ef5ef9daf89ebed7b7d4c77bee7bcb00adeb1068

SHA256
5a99e90422cc38feb437b66f6029bf7ef44dee006cca8eb6d1630683bf46dc1c

SHA512
7bc5b6bb71a552beba99f80c81283e319f05400bd7c7ec42ad794c8d0fbd213a726b5eddef5f1035d68b14afd5a457508008ffec94fa5312ea738ef5247e26f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
13KB

MD5
c187627ec955ab77f05bc95882fdc3e1

SHA1
39a14ef275ae965a2ad242748bb7d02663ea12e3

SHA256
1cd9b7982fb31a5e765ccb023a3117f3b5af8f8910648a85a4a8afc645a25278

SHA512
4fa44d96edbcc96ba73b98739ff349c89b21e3fb3664a196ebc0cf6e148bd99d4900bf165fb56df8e026d1e31a70e687850869a4755dff11e32ca085be07e1a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
14KB

MD5
62f0bcc2e8aaa87c90a4b9b594eef721

SHA1
80ed15bf0dc97610ce3dd317ebb2c023a61c3bdd

SHA256
f86fbda36cb4596285d06787b7b74987c6e99a057ccea245f7f1a7100e42a5bb

SHA512
2a51923001e1672a2c32ceb5f1a18fdec7bc67b8b23e049b1c7005742f8beef6dd366ed59fd9496b5dedd83b41572360a84598605b108a5e649d5b7d9dfeb73c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a55c92d1-5a44-47a7-9e9b-0eed55cfc30c.tmp

Filesize
2KB

MD5
2154573b754a3ea90f9e8971a18b9312

SHA1
9ad31213d8eb28575b92f580e1037aae17cbfc8a

SHA256
5fce3309fdee35849db3bed7fda28f8c21b003f8368af64ba44b1b45d8d7454a

SHA512
bdcc74f3e92eea3e18f8823514d96699115e7b1748b693e8039f9db367df610e76866388ae5f4cc52c57b16a5e73ee0aa59a442e7e4ff5f236c2598f88006b93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
57eead6704bb0c0183c9af70df7d93c6

SHA1
17645f59d39ec20e19118349d32089afab76cb5c

SHA256
ef7fd9ebe8fd3610d16ac827697ee93ff49b23d64c63b54b408e7c82da0ffebe

SHA512
a5afa31b867c67052bfe7bf063caeaf968c9071f5e05337cc350376a2306ae4d322c05439bb674390697bccdfffcee9870e2c2374b5279d3526ce125449bfa74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
17f971326f9726865ff11b8b285e835a

SHA1
d9dddcb8565a067ae67985dc6ac4840f8400c970

SHA256
c2b7e79e3bb2ad389878d4cec14fdbacbefec858e06e7f9835b29c1be8f50eed

SHA512
7254c8ccab5fb46c875fbb4351ba81dc59f096fd7f32d619437ec7c78b6494bf3650fbf21db79ec153da5f84d93d765aed46f1eef6c69e0a0459341c75830c55

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d4ba84d373d1d9ec036ca7f17a0e52eb

SHA1
74e0f4416eb0bdd0a662e9b59aafba319e89db6b

SHA256
644addb25db750ef3dd9ab323b72071cc54a7b8da932b474ce89ad2da3d72d75

SHA512
357c6aa3c54f18d4cfbe13baa04da479482d41afc57a97c24ab29406b2cd4f3c7baa6a1118e04ccef8ad7fb6b61596dffd362e910b9479a8cf9cfd3f496d5ffc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6435f68e7a9f722803486796afc724ac

SHA1
6f9792e381e3f64ac251895e7d7c1c458bf791eb

SHA256
af1f7291b9486bbd3295b78079a97e01519d3955a90715d920df958921e4deb0

SHA512
bf6c71cf7fe483d0c94e04deb4540393c9264858db56cab66e881d5d0ed703631eb91a96cfa62d4583e1f0acb3016572bc1bf14bfcb14030f038a2f6445d58b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9ab1181620243e08dd383808b3573fec

SHA1
be86d525bf395c1edfc9fdc8dbaff42afa4d3912

SHA256
2b4fd49a4f6a7c811a358e35d5cd332d060c1f981efdc60595139ff8dcf26767

SHA512
5ddc91c84c9cf5230141ae3e1f7cd91fa0f9d557ccc47ce9478dc93af96b35d5e4d3ceed3f7715232b0567616d9398bae622da0506a1c61f9220ad6ca86628dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ad7d41761f1230c33851b10f3bfa3845

SHA1
bb6153266e6659904deaebbc12c5efddac8ec921

SHA256
02ee0feffd1704e39514b50248bcb06b1272e30c87eec56c637b8e3e52ecb684

SHA512
1f98926b955fa85325fd62d0d242d5ebf655cff7edbdb82bb01bdf3b5977f93c668569b4ca2c6aa178be037e5544e99601f36728b7733b7b47db74a7967907c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
38114845a68e71ee34a371e1af6b5ba1

SHA1
4284d9267439eb06a282ace936744228985eda6a

SHA256
aee6467850eb8a49ea48d52bd2c28ae7024af8b572111b28098e50d5632f2f07

SHA512
5b9e1ca4140360210c359dce57c087931f11f50f4fd4603b21598ae7c2e6d00611561c6c701ddc4ae981de6ce40ac1f562ffc0fc26a47f0bcb98839c8bab8d29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4027a62df8d3c2b9026a9dbbc6cac2c1

SHA1
8b0ef163be7ccc84d81a9b2d87f62a4ca8171507

SHA256
ab4c097798768b66638ef1e266dcd71fdeff7b45abcc8dd2d6969fb3b7791616

SHA512
58a553fd85d8955c39587ff241a7ad6721ae663f75799e7a52598f196183c4c64ae199d3acff105b7972a962796516e7b30029128327291fb94bfd7daf5a948e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
154779d1d43e165df9fbac0c91be08e9

SHA1
5af1c28c38dba9e87a181d7d64b1009878fc4341

SHA256
50394a4248974db4cf61c13d998104733c84f16d99a0419a8efbdf53ebbd67fc

SHA512
7724ea8d390043f71f3136d0ff494a571b3b394b1dd101b99d157c0969d576d4d1d9157c626b2062d0713dea1f0d47af5b205fdeaae24f370ca1ef5fc1501f8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
4802a4b51ad8f7b4b864f698939bffeb

SHA1
80d55388bebd3852f48c3e6a3c2ffec78886ddaa

SHA256
3f6853d142693b8f8cc35967d617f27ff24e70fac7cd4411a66aa26024b5b224

SHA512
cf8d4fdc3fc85e8312a62fd344ac76111573c550918afe10f5dbde13a7d02586a66ce50c6b676db701ca5d5de9528f350643fd282c95dd98d7b1b4815d0e428c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6566b17de2c25da98a1ad0d3e93c78c0

SHA1
3cde7460999eb3db221b8a36c4ac2f05a33591e5

SHA256
4eb50f10cf3456844d06502b7244eca22b3983104a045810c3afdab95680fb44

SHA512
1808c716019d4dbea909ae541a7e974956f3354b0ed054a4aa1d2d65cdb31e5fc55cd0f6ccc22932abe327e377b484b1fd9947e3981a1bb29f355dc6bd677a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
627af1d74439ed5b3ad66cab9792fc16

SHA1
7a75174be0c6465ba6e99d71439a0c77e5740c57

SHA256
d275125a148a319f55b75e4179cc6db9ef0604645f91ddbb2b316fd33655bb27

SHA512
4379ff76f1272fb953ec07fd023c9a7c4ee1e14c3968b5d902fbb9a19fb899f89546a67cb611f603296beea044e7e6d2bd5012ca037c26e6a54a9e9eaeb9c8af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
2de5ac24a7173bf20324439f1237e444

SHA1
c0b23eca0b1468e4dfc4bf5eae89b6aa8f641063

SHA256
50f0410568b6663c938e16b2b517e189f3520d59e4e34c3fd25ff88a39ab8067

SHA512
bf9fc5689027e3d9bcba04a3446f041c827109ceed5060331d7bb7955c1c5e4c1a6fbfbe59bd4006ab2b2604865679d8c551c29479fe16191e0cc6e74d654d86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ad18355efed9949f561150ea197f539a

SHA1
824700a6e321d670bd5a5fbabff704e993095d5e

SHA256
6c53804e76436a977eac7453604e853109055b621c6126638c343b4b79359877

SHA512
6b4812895977879c1d375c5c0752647a2fae394fb9093e5f085bd20bb30466e517494754724ed4e2702e4194b1c04cc43467b1d02ca55b4d8e80080f19f090e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
197a46bb1a1fd392e3af276e027c9cd9

SHA1
70c3ae1b4bfd599ff39748e1dbce2a3b25c73525

SHA256
d6dce2243993f98c85f75904b3de05febbbde8bce0c157d911f675df63e0d55d

SHA512
adcf49f205b29b0bff4a9b08a522503e32f373ac57fb46fce65a890494da0c95fdf6705d314d4baeb5b3afd31cca2245a5d5146ee136ce17ff0a8c0a718329de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
abeb27a13450a228d323c631e9b08d3f

SHA1
92851cee99e057f796f08181cbf124fef1a05e19

SHA256
9bee0f2547e6f32f971cfe2a981b1f9649085116d618daa60de5d1edc39febcf

SHA512
a6a7ccbd6187e2d33f1b5c1cd1eb2ed8922265e6508f696058efe71e429dd66e3212b703927f423f06dc4f8e69aac16ff75856e94e42dd7a619349b191f613a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
1de32739185f19196c46c1bab09451d2

SHA1
cfef31221443c67e290c0ddf863ef796f260a894

SHA256
3acfc8c83a605170a96cdf1e4eb4a962ec0fc975f94889ee3f150a09fdefe1a4

SHA512
474de79f387135583a52f4c0a9c226165c9bfdc2aae725ef7259aed994726df366d47ac9155f4a998e6cfb6dcc8cf808d6d1b884e36d6149a65493b5d13ef779

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8167bf93a7376b86bb8f3109196ae86b

SHA1
feac8ada782befb47bc03757a800810640bcbd05

SHA256
a34fa5f9a3a07d8fb700b33f44e4db818972d4c69555e091cbba336da66d8081

SHA512
fd68ba6e63eb634110b7139a4f8f4d48218f3442789dfc5cb76722074fee37abf8a5eabb145a7bc9b7b43e0b03297310a95637bdd8df2620366dcdbcd16b1f48

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
3f97ae9f8712a997dbfcade98c20ed01

SHA1
1b8c18e967d1e1bc3ba0f75cdb701c5b894daaff

SHA256
0ec3e157a5ee75f1124b1ff14d912a7c3e4b1e08d6d759f97d7c82719cf6a0c2

SHA512
7966c25ee38dfd0969de9343c81f9e2708419e7687eaab0ed2c37e951b3c1c29c9becdb5960d5b493ee36dee9e58f8228643371ae1901b794fad509995d2b4c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c950c5c3a48da024c8a6d73e212d837f

SHA1
b7a209f139157a26ff716338117c10959a2e8537

SHA256
6c6b47d379fc906d1707fc0e8ac02e5d39696488c9cf4d64d448b15cb5d3a4aa

SHA512
05a540791f5683e763f2fbc4f2275b22455c76cf7d9c46303d0e9f56ebf663877493feb1d7ff9c6267f4505e7f734d7ab1687ff3e369199d7dcf98903bf34527

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6857b825e184aef28504245c137bcc63

SHA1
a1843770eb6254665e151d124b83ac02d914983b

SHA256
d735ee7bb79e64df259c64837aefc0e8a19a3eb2c89d91d04f2b7e44218beba2

SHA512
352b879402bbdbfe7895fb3f10676de102421fc71d3768cc66af675acca66f02671679d1c933884553c1ec97ba582db7bf2d26f52927e285f066f0a124f42aff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
6d16114f9d15fd45982954df4b393eb7

SHA1
454e9a35c0456d838afd96b585ddcfb63db18e8c

SHA256
75bfbb047dbed0f17efafb6478da6aca1d6b2254017c8e3c122c9beda347d754

SHA512
3b5237539145c02b286f01228aaf58a5c0c1f19c19337a54af7d5617f37b1b76ac150fbf1ac65cc218e07299ead44d206fc28009daad446c3880f62e9722297a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c7e35fcbc0d6cef43e4328d6803b6eee

SHA1
eb07c023649ab0d781d58c1177a9af817c043102

SHA256
63189f59896c7c443f4a94cb347f91ad90d1da32a36534a860c1fad37961253b

SHA512
5b7c1ca1cfb6ac541347da1c8cdd936562980a3e8b3ccf2120c5f54264c77b2f2c65d8c8f3d2fd633db5fe4b601218a467ec7539dd49d7d2310cf29ba6dc5af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
aa22b6938fd267201b17ad423e057f81

SHA1
b4df06680570ad65bb1a7201c2ce6847e30ecc4d

SHA256
899e735aed2eab1fd30c0b9117bda9680d26b770ed3623c81d55c2b307c910fe

SHA512
15c42cbbbb7dad327c5b3b370d20dff044ab7f87e90a4560ac978083a123cf79becd00296926b9f8da159a20a0a108098d7616993ed9aa0b5dfe6ab14787f310

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c2fffd4d5c5b035ebe42489e6abf6c8b

SHA1
fa02b7d628c95ea220bd572d1e641cd33f3411e0

SHA256
1fe881e1fed4c639379610da3d5c5c6890b8fbb16d4ac3de03ce184589d9d3c1

SHA512
5bcf538ee95217299379b97130e455c4bb65a3ad9f983f603f410415eaae3a5c6783ad254a5a1ebe233a39c706806f0b599b4fcec7f7f7e32f2cb9e05861aa12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ef843f106fa7ebc7853493e2eb6f5238

SHA1
bfafd250396df4124319a82c2fe18e75516e9724

SHA256
7e01a70644521bfa985fde53d75e6125a7048f71868459338f0a3f265532bc21

SHA512
6b2076d3595eaa6c15b96ee7336c7f26a54b49fd730c02254325c52202916a9fb45046d572d134328aac63e0756f9010078c1509a8d7a9f4526a101015b400e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c20581b199f469699d5f853b6ef9fe79

SHA1
60336d3f56ce18c0681765d1fb6efea1d2885064

SHA256
56d0756b7ae853300fd6575a0b0ff9888128d3f290b61bcb0e30cb47091ad472

SHA512
24fcfafa806192c9f00f88798e91520806fbeffbddc873467568d930e7049e06202b3a6898c2e8ae82255766d627924fb0b72911b8b749dd6759d8d0ceaa609d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\92229f24-ea90-452d-bd6a-0501b93e73d9\index-dir\the-real-index

Filesize
528B

MD5
750651af89e99aa4af2ad1da36bac737

SHA1
b3c181db2789b7cb49f60d2d38864d1a4dc5fb59

SHA256
fdf7a97f30fe26b6e5af1f0355ddaad22c1a1b21c1fbe0e4dd2fe1adf58040bb

SHA512
f730d0b8e1be9215bd6ae01b40f89d1a4e740b7317a961f4294094414afb53dbbc6ac92d9d55c6c788c1329265ecc4843d3f76435c32218e5217989637ce3af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\92229f24-ea90-452d-bd6a-0501b93e73d9\index-dir\the-real-index~RFe608b0e.TMP

Filesize
48B

MD5
9de28ed28ef2680d09363f7b02d97d81

SHA1
d953df7d8942bd28c9ec92461a9eec94807b6874

SHA256
52f41b252fe1c6b43cf98eaca0db22448dfe00faad81f23f86160311cdc27572

SHA512
b04068724969712a1f91b22b2399031cf368efe46c0ddcfaec68dac4ec783fc087a08e403a6ae9c796e0398abaea3e97f5e6e57053cf7878201b7613338b3c28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\b227627b-fcd7-42c8-ac23-6c15d058dd5e\index-dir\the-real-index

Filesize
240B

MD5
141d20217009b12e8ae86776e02971b8

SHA1
3069e01f0acf6f1e99b1cdcecc7ae35aaba6dd95

SHA256
dcd7697fdc0667b4e8291036fa0f0aaa7ed5762233e08d24a1ab3d6be9bf3e30

SHA512
2b3047f45c6aac2e069b979efd8fe119a31bab615d2c2612e11c71f3b5604fd3faaab5045a7a7288b62199a902222d11b2c59f107e50f5cd6ec75b17cbe7a329

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\b227627b-fcd7-42c8-ac23-6c15d058dd5e\index-dir\the-real-index~RFe608447.TMP

Filesize
48B

MD5
75ea015a48c9ab11e32f24a40304485f

SHA1
18db7ccd58f3b80e7516b74ecef82900c1605e85

SHA256
c1bb2d83ace58ee19e16483b9b2366105d87af8d7280a585581ddbab66bbb862

SHA512
859784e4d2a1d0c1586bf5e1383376f4e419ba08dff63c9c63b883bf5fbe290aa532025d7b589622921503e38e27d2cfe7da414598741c65f8ca4129212a237f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\index.txt

Filesize
270B

MD5
71fb7d05ae9bc92d0b584b208937a87c

SHA1
5717048f091df49c5e5a502c747d8e554116495e

SHA256
fd11752b652d99708223233977293da33eec5fc5f8ba8b593a88131323945b93

SHA512
bcd36314c76a329db1569becb2d5d7d5245b04c0fa46f68c8b519877225c0c096a8eace1e2b7c98d54808674dae66abaef5bb9250db637d54f9364b197de6385

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\index.txt

Filesize
269B

MD5
edfa7d2ab92c19b112db780b2382809d

SHA1
2f6df57d8d2bbce5b8864402bb762b5e5674f514

SHA256
c91e3879ba395273dfab09952631f1fe73b21550c94c244791d0cb5986f6189c

SHA512
758ff5820bd9e1199461b213663cbf78bb8cceb32eb1209eb38235906e4a69b2365c742842dbbc22914b6730228d8470b82d946359a04de57df8608b6de6015e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\28c1a155541e77b0a43dca0bbbae8803432d9749\index.txt~RFe60379e.TMP

Filesize
166B

MD5
f66e3c09aaefdde11ebc71557508d430

SHA1
1d851233533f28e97f56c7d3fea9d376e3fa6584

SHA256
06cea224e13fe19652e746b4c70fe8220877681e3421e7b040f517b0b6d45759

SHA512
bd7283012779e3219b8fbd79c26c5f20b0e1565a915397fc3121654f58c980e873debcc589b8b8f25272f15749bde239bc5c2d653a8529c6bb7fe386bc585609

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
b6f48def1ad0dc727f479ce8ffec8a6b

SHA1
488a3d7c23f20d7c90d9cd3010d31836d67b4028

SHA256
88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec

SHA512
ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe619ba3.TMP

Filesize
120B

MD5
8e8eecb4a2dfb8b451da000c5c203cbb

SHA1
feae448c6a00ff78b254181aa1a665add9c0b748

SHA256
ec90c5b028df6c5de5ec33e6a6483f1e767aebe95e8bf2bb4051efa4b95895ca

SHA512
6b6e86e6ecf3d1d66b06ac7a9aadec0cadb0e3e2ddc69aaf8ec25763c0a80dd4516736958e3404103a354875839e8c7624a7c03bd37151a51c91acb0c3fe2eea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
240B

MD5
62c135fccf12937626369479afb68888

SHA1
2899001e213900f1854e51945c6c7bb862e504cf

SHA256
bc65a39e0758a1d65f44ae031fff02d283329eab7320951e4e486381415105af

SHA512
680d7e5f49f93a437144c89eb53a6848c8529479cf7ede9d8398b0f0e60708908572343328c1695a70bd2991fdf7b5fa06e793ee83351604e9507225aa752e01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
216B

MD5
4d876ce4fab38f4e5321416dd768d82e

SHA1
b251f871aeef24a5af55a4fa56cf34619a34200e

SHA256
3071eb5db2584e647b014d6c69341213c27459e8e748f2438c36ebb52b21627f

SHA512
202433a0812bd1faa10e10ce8eb58152e7f3cc4e142ae5031c8aa4219a65f3badb21b63fef8c8603dc4609d4a8d0d8ca32e9c9417a3882c04b9b6e7eae7fa08f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe60813a.TMP

Filesize
48B

MD5
7aab9e89f41b00d66fc57fccc32c8919

SHA1
130d704cddb0bdb336f48efa58081b66fd67ad2b

SHA256
1b7cf4b9bf7f4102a92a6049389b6eae004cce66d24c6235b20c798ceecdc721

SHA512
88bd49f40b8f3f6693a5ea129108576f40eea760795ce68e93d186c2b34f2ba1221764f4623705877c3b260eb6d01005c9eb606292c74418a31f2889ccee6ec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b516823d-b985-4f83-b8b3-02106bc332b4.tmp

Filesize
6KB

MD5
23e007712ecc7a0ed7bb92baab802669

SHA1
1b1f70d333a53d6ab2bf2e56fa7810739e152c37

SHA256
93694f9909780ebdc426e2e4d50c7fb1170892d842064b1e8a5195c2c4364b67

SHA512
d4014641f361e27197a76a2e2b2bc99ea85f8c3e2ab8a71d7b72b046e7dddb3119fb2a2e374ffd7c8b1d55df8588bee9030d8cf8ffad9518c7dbc5f8e715c992

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\ece4bcc0-8449-45a6-9c4d-899339e4c5a3.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
69fdf689e9a1a6bed9782518d4c232fc

SHA1
f6d4722f84e17a3e0420217bdb08c8f0142e3839

SHA256
abaad534d8c2dc334c09a554641286935c25f50a8a1e35214774173d6579fbb1

SHA512
88a109c2e73720dcc5aef9ddda3f81558c8e64af0de61bf52d44621d36238e9c95848148b52499bb9d39f820671a6e7781a1bcbb255be54969c0adc20ae2003a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
1a4eb0c0a33fa852fd37ae884ce7fd87

SHA1
d5d133c931bfd49b271f82a8d39b693e40522576

SHA256
037b698d0346432fa23c877ed529cef99111b4edc9090e8dd22150846f4fcdb1

SHA512
7c9d67c9e9a90250f7015c90a028f884c5ebae4fe53c19403833ac8c756b2654adf4e32bbb4d8b95d387688988fd900348744fbaed1b0b723040b5a5ca82584a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
b16ca1bdc74cd7eef81a32b8b1e68277

SHA1
84b9311bbe8d3498ecfb3dbde923699b0872bc1b

SHA256
c0dfdb1158f16fdbbd24152b3fe8c6cea69ca9ffe02828813c2c224a8cb4c556

SHA512
70a7eea948cc83919484d521c76b88fc9649a67ba2833470edd381a2f5831cbc392ef9448b93f2cc4d47f9b1b8840ec7f4ab5629eafaaeef74eb381f7d14fa49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
ea6da3b14705645cddba6f4cf5f66431

SHA1
589f7c96bf67adad3f7a3cdf02a8f3ccffe81d8e

SHA256
199e8988f5e0fa46397359e83aa5aa085091a4e10ef8aee9600414ad01c7a8be

SHA512
85de9d26059bf05491ef6f4e851d39056b184a28f638551bffce904d5af19652fe2bdc5b82687bc02133f0d42bfc21335b6053751d2b5eb7bad7504ce7441254

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
3d3c71250b77fd8213879982fb295ed8

SHA1
ceb83a5eb4ada4f0acbdfcb0a525cc5ec303d11c

SHA256
e06b987c97a25f92097c9464b81329198330f0171b483b29708289f55531ecb9

SHA512
44e903e4ffc862d2cb9f799d763229572d96a9847a022c852502666aa481325b76bee6354da2891d16fb8e3de20a18a132da21ea0a4a3881fc43cf6016904db4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
0e5ede51898503f8eb0fc2c760cca0b7

SHA1
24ec4f05bdb0c95200b3358279d87c3bc19bdaf0

SHA256
5dd6f061069b554069c9cabb658063691fdbf680777d0efb2186f8c0debc3294

SHA512
51144846a1468ca5c565f38724537cba2596efe0efedc909d68f07c4a828dae5a7b31190615c63d4d8cec960d0b8236e7efdf4583be08002201374131dda8d78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
176KB

MD5
603ec6362fd27a9a8055ac5b92518967

SHA1
083fbdb94d5ead04d7847c5b3ebaebc687360939

SHA256
5a6559b137485490c896e88952ccae3088807998d1ad9a58612f12e3f1c12735

SHA512
8836710ed34ca156b1585234f31c480be32fe081b08b68c5480b02e08933ca0f0db9cbb5cc99b18cefcac53cdc0430b4b45f086d7471441d09bca9b2139cbca1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
bda7ac127fcc2747e1323c08b05f86c8

SHA1
adfc13641ce4d70217c888cdb4723f3760315617

SHA256
c64f8cfe284b9907d305d90078a5ef1df8ae567042bfe0de4bee16a992cbc6ee

SHA512
24e4f8420aedccbe1649a261944e70425a46486c9aeeb86e0be57e7dbd2e93aa5e710824235c635dc00ad1c5151d918d06aabbef3f0b75bc327a521f43fafea4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
335794dd77acae2a28eb6128144784ce

SHA1
cc15dd9bf2669978566ee771de337a65ddb9490e

SHA256
8d057c62afe9e80e9db1c23a3a6e7ba8bede022ca982376c07ee12751c790526

SHA512
bea50ba0b846e351a2fa9a924acf6e9a9fbbcbdf62f34951e049934e923d469c1655a7d550a006b1212d6ee13bf686340265ec53d0532379b9e064fd14ecbf7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
2cc6c7ae92c67927dac09ebf125af5ef

SHA1
97461b990801d628d5b7aeb4327d17575c751cd0

SHA256
4c83e78fb816e8e5aaae98f8af0278f5fc370c21063b26010c4fff41a28ecb9a

SHA512
ea0c1364eb16f576a1eb73a6d87f0e0992c79db41f9b4493572c8208a3d09debbd327369080834ecc4e773166d9654ea7eed6752f216afbcda886033754aca68

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
fa2c747a111486d88dc9c122af74a0de

SHA1
5e4522d9fae784730921ea1be88f046986c5920b

SHA256
bde6f0267363fed3ed84f6cde7adfd9c94796006d50263d296689af18eece2b1

SHA512
3035071dae800fb4ccbd371d38407ee07a3e8bc9a94e3663b13aa209df2715f9d3cda1442a3b81d9414bfe392926379eb1ea3ac184f3daf96598a6266d0ff6a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
176KB

MD5
d007e9d0679798e4390001b4377c38f0

SHA1
671b1894630b9e277347cd3810abb9f52a5a8489

SHA256
e0bbc7d10d6926fc2694645218ffbba041851e1a8f00425599e806b5de62ad89

SHA512
e65a7f9e00fee8adbf6b698b763aa6c9eb5990bd9f377a3a3391da750ad07fd62e1870765fc63b2644d7173d8bf7512329f3b5c0a27759fbfb3aba30b6669ad2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
d774e2a9866130cd23b2c48501b02719

SHA1
7b69f20c7afeec75c18e4bc6ed6dc63667a37b90

SHA256
1885e65650ffd1be40cbfa76bd33357e4869c9d45bee5bf7962d939568abdde5

SHA512
9c8373484f6b501b697c0894cec7b0f0009019bd5e669bd3db235a4a394d60bdbd58b423d3593b6bea71b9495953799a0b3075f9ee2c2d2304b52e36b0eca095

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
93KB

MD5
48b4dd5584db4a4021fb10efd2762aff

SHA1
de4351750e8c3f71228b4ebcfae61ecf63b25f17

SHA256
0a284da17beb7a14af030f3395123c8372d31bfb282dec9b590a55218c700773

SHA512
0de82bbf32b748def8615a8cdf1f2519fd55c240178f89a31d5aef139be94960ba6c4a56f939e0188e7c6cbf434961b4f73bc86464ff0a3aa44794a1e9a1c593

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
73f1e51b99b3c56b54a230e3e149f161

SHA1
ac7e9ee5f376fea2e778de40cc5a3be14c5a8c25

SHA256
3adc98a5a421f205810f0264df6bf8b35e695b2c37dd8ac292e598a52a3d911a

SHA512
a39ceffee5421c6db7357bc884b6f6a7d1c7d7e375ce21ffef5628daa7847abe72cec6f346ebd93ca171bb636d7851c411ab31c110b03a6037e9f7815153d252

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
176KB

MD5
cb895aa1b8f70baf5ad021eb7a93ca7d

SHA1
80d1d1ec89b942723b16465c8c6eb283b42d4289

SHA256
9896288cb7991b8c86610d82488c55679e4677154406758417ae780ba0ce7176

SHA512
f9cc0b22292c8237e3d16875ad25cc0320ed0ec58582779d00bc5f3545e046734e0fc5545a369c77b136727d660821627bb88ee191149d6f0534ea95995cdfea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
111KB

MD5
fa8572e619f69ab9cedeaa7273177e06

SHA1
55cd5f8adb4fbd732d4d97156b28286b5fa1a923

SHA256
324de9446f28d4df45d2cc9526412096e79b5f97d28755d02176f54174a2d7bc

SHA512
f53c50f76ddb242a8feb46cb65fb0d217ef4d3a118666b99339e307506c77c45957f2edce71130297829dad2dd6fea5ca0659499404184553b74e3204fb050b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
114KB

MD5
ca210d54676ac2ae01befe0a30fd707f

SHA1
ef87edeb67827ce53bf63c579d1221cf642f468f

SHA256
4efe8eeb3cbbf545e9b7dd7a5089228ccfeab115e4e802310e4a1cf49d8ff11f

SHA512
300d80564ee5d1a68722f90196f34256e27b549424da1474b4be651091c21c0bf5a120755c0681ca05631500bb6fd4df7d57ffbacda6fb110ed126e2a15dd801

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
115KB

MD5
c40efbd974f7aed147a4970ce003342b

SHA1
404c3d54d4ccb3df519e343e5455d2f5702eebb6

SHA256
2e479009b1a9f5ad8211187309072d6d5fe75492d6c5e03420080db467d99cc3

SHA512
4e7fd8d240058177840bd629f2ee97d3bb8d1b2d370f55292e550aaf2bc7f35f12bec1bc2326335901ed5e834f7c70e74c42a479d778f9df027af33982378821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
116KB

MD5
ff488b8f3da2bc3e787560da56724287

SHA1
0934efbcdfdb41e6da9044b05a3d74266f3aa6da

SHA256
07b4c95690cd54c00ef0cf0e4488c4c6e289539c710eccbef6d78aa128d49230

SHA512
1b64453622bb5f7def52ae80860d7106c31869e29c34f1e15ec3c0146cd1aea3c376c50c6029e1b2691ddb16d463278593f04a8c3f95bca4d64176235c251bc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
119KB

MD5
33ef32518cfc73156d991e955d910223

SHA1
61dbed79d5587192554c22db7792062a14c51b0b

SHA256
446fcfe3effee1b6b8293d293ee2c5fd42dc4fe299dc5f21482b4f14a9511b0f

SHA512
f0b14ac2bcaa9233d18d5f88ba432b2dadd07ad57fa2b2de8eaa727290b65656cfdf11e59fb862b3e5e8307e082a70228d3410e0e22079bb8624932548499aed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
118KB

MD5
cbf517ca45fa67234bad548bef65a336

SHA1
203273509b6e1f4944287109042d28a9699c9347

SHA256
49dfceed81d0d840c27d11e8faee4b43cfe720c5526cdee1db682f4fbfb2d8d0

SHA512
2ff4e5f8ac9031e5c4f8f0828858955bc0d6e74120dd89fb85bdfb4c0cbd6bdb055a09f817f2758489479da21d1d2aa214c8923a7a094cf952889c47a5fcdad3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
610501474ce80e753cec04d1ad70a546

SHA1
553d30fb7128cf29a2458c7a995ea58c9b42b1c2

SHA256
165ce8f8f60fc05815bf8ee0e40f10dedf03015bda7399b67b6a0a40c70dda25

SHA512
cf45d26f1514675f34b69ea17b45205e5dfc07dbe0c71a7784aa8f55678364ef11702816012df63bf3f4530b079853465eca53eb3553ab0f321965b324fc6b98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5870f5.TMP

Filesize
93KB

MD5
6af60327c436b459b420b3e05b33107f

SHA1
d7a5963d6be1e0c5e7a37554204cb74f566a0ee4

SHA256
f39cfd4c878321c170e3d918491735ce512c5d878e44740f79cf70507b6e8209

SHA512
5a7231182119c2c9e09913b916d6987e36ec604e15cb37a139e80066c8a238c8c57e7d0c4308b6b26575790b3a2a4b2025ebc93b3209df74080538811d77cffa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\A2AULULF\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\16tg48g1.default-release\activity-stream.discovery_stream.json.tmp

Filesize
150KB

MD5
5b4b44a0a7fd1e92a89efb8e3ec57ccf

SHA1
19aa885091529e8af7f1e47561ac14a3e39c7391

SHA256
df91213a7ce03b348841d0b8fb0c9c40e36b83eb2c03324d274b23ff9d38ca38

SHA512
babc1703568d6b3ad3a92c16380f48d1b899e71c6eb0de25c6fab2ef833e045b3818c6711a453831909dbe6a5666de3e8b935273c8d3c10dbc03fa1c3ee2b825

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\3FAO51L8\fa-regular-400[1].woff2

Filesize
23KB

MD5
e42bcafcb7cc5002daa805140064bf40

SHA1
f7a09bcbd996fd634045d4e79b6504c945730686

SHA256
52ec4d833cfa502f109fcc197b417736165f53d3d0b4e73a2801c8d50b641805

SHA512
49d3c35d08fcd6d2b0166d4ae8ef565c097076a7bbbbb9b19e172abb8a05222221caa16f928cfeea658aaead37ae70e8683c8388c2f987bce73742b4bd9b261c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ASFM4RGR\setup-TNUV7WPB[1].css

Filesize
38KB

MD5
bb40edaacdba40af37571d3489b949c1

SHA1
95e108eba77e49bdc91cb71553610cf9e4cc383d

SHA256
95a7997a052959df376207e78e7d3928449cfa6d4e86abf6bfc41aac7879b173

SHA512
5cf68e2f07fc8ce8584757f76d06c76061aecc6d56d48343ce5d45cf46122a15116347b3af967fc55ac2182a439c1bef543a952a638921a4253392cb062fa597

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\560A9Q4J\favicon[1].ico

Filesize
15KB

MD5
e15402a41f04d656bceedb8d0a3ea40a

SHA1
31fee0b94d2a286a3d9b8094d5549a9ab1def5b0

SHA256
d8004341ba5458033d06eaa55af945a158f0bf170c5cbfb30a626e930e048bbe

SHA512
ffe902b3466bd6e96110ffe20a800b96a82f4042a6826fcea1750d0ffdde0aacc164aca51bceda7bdfef5047fcd41bb2026ba1e3b5109888396847881e944470

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\N0Z43UMN\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16tg48g1.default-release\prefs-1.js

Filesize
6KB

MD5
55947a27c52b6d20a6f4596f40c42f66

SHA1
6e47ff6cb6b6d7779f0a3d411f960198509fc3fc

SHA256
3d80f650d4b6b714abdcf00480a1792c10885b797d44ac47a8d9fbf93041f59d

SHA512
6dbebd19978efd9be7463d5d99eb9de7caa72cb97651eb908ffc8eeb0188847752c37010e9b4b51b4fdbe47633fbb9cf9a487bdf02020bad7557c75f29c2ee2a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16tg48g1.default-release\prefs.js

Filesize
6KB

MD5
500f4ead84eef6ecdfb8cf0a433830fd

SHA1
e9d0e94ab504387b4a05af9253a9563011380562

SHA256
d064209943b522c8698af1ff085a206b5c608e1c9cb092130923290a828a00c8

SHA512
e14ccd34727719c2665a62f3d64c2214567a0fb5151521f86abae3c314e1ff2c8442c0c9cd7359297f3f58b42c9d2df134bf7559602c9f71724062e73170107a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16tg48g1.default-release\sessionstore.jsonlz4

Filesize
445B

MD5
9c26aa1e524489c10e292508e66d5da7

SHA1
257d2678b97579e82f8c648917472bfb34706dc4

SHA256
3e914f386346e381f7e84f585be8bdd7af89ba1ef310980b9cc364bac31870da

SHA512
9564889b9f3b2a8f3e258ca3ef210f090a0641c879a77ed0b6cb3d470a3350e28bfb8fc79be8189f86dbab45859748902af2d48ce402cca9036d1997893e0d32

Download Submit
C:\Users\Admin\Downloads\New Client.7z

Filesize
113KB

MD5
f4cbd2b5ce224154196b17a05bb0d9c1

SHA1
733020940bb01a7970f3555d341ad2a7fd268bff

SHA256
ba257e368ed8adc636334f4f0dc767bccf60fc97c2c9069be2260714806f9c30

SHA512
eeac365b851cfdb7767d4391d994fa43f694214cda990ca42d82480c08e15b6f18a55911775dceea4a3b72cda80432a79f463c629f592b698172e271a126ae40

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 176813.crdownload

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\njRAT-Platinum-Edition-RuS-main.zip.crdownload

Filesize
9.4MB

MD5
77b83a87828704868df93a4c15c6fbb7

SHA1
69955655c90b8fc5778ff165b2417933560f2772

SHA256
2f2eed1731f3addbd1c192ab1c82631caba60e6cba3b32aaacde4c1d75effb0b

SHA512
10a3818520d774d21779dc101c9d81830841ccc8f1ceb3837e3202df3f761790ee2a8c134163062d247b7451c749446a4e6947716e470a3ab101093ed2ae662b

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed.exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed.exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\winrar-x64-623.exe

Filesize
3.4MB

MD5
7a647af3c112ad805296a22b2a276e7c

SHA1
9cdf137e3f2493c9e141d5ec05f890e32b9b4e87

SHA256
20739e8fc050187af013e2499718895e4c980699ccaf046b2f96b12497e61959

SHA512
71d86d8dc598aafa91da8e0d971d1bbb87135832b848547c5c611bc828d165625c7a19af2cd300373190cf3eb782c714ac73d84ada53b37b6d8c1ee8508bcd86

Download Submit
memory/4168-567-0x0000023C98DB0000-0x0000023C98DD0000-memory.dmp

Filesize
128KB

Download
memory/4168-523-0x0000023C97000000-0x0000023C97100000-memory.dmp

Filesize
1024KB

Download
memory/4168-1067-0x0000023C98EC0000-0x0000023C98EC2000-memory.dmp

Filesize
8KB

Download
memory/4168-1065-0x0000023C98E70000-0x0000023C98E72000-memory.dmp

Filesize
8KB

Download
memory/4168-526-0x0000023C997D0000-0x0000023C997D2000-memory.dmp

Filesize
8KB

Download
memory/4168-531-0x0000023C99800000-0x0000023C99802000-memory.dmp

Filesize
8KB

Download
memory/4168-533-0x0000023C998C0000-0x0000023C998C2000-memory.dmp

Filesize
8KB

Download
memory/4168-581-0x0000023C98DA0000-0x0000023C98DA2000-memory.dmp

Filesize
8KB

Download
memory/4168-538-0x0000023C998F0000-0x0000023C998F2000-memory.dmp

Filesize
8KB

Download
memory/5008-435-0x000001A6E5DE0000-0x000001A6E5DE2000-memory.dmp

Filesize
8KB

Download
memory/5008-619-0x000001A6EC7E0000-0x000001A6EC7E1000-memory.dmp

Filesize
4KB

Download
memory/5008-618-0x000001A6EC7D0000-0x000001A6EC7D1000-memory.dmp

Filesize
4KB

Download
memory/5008-400-0x000001A6E5C20000-0x000001A6E5C30000-memory.dmp

Filesize
64KB

Download
memory/5008-416-0x000001A6E6500000-0x000001A6E6510000-memory.dmp

Filesize
64KB

Download
memory/5116-676-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-746-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-1060-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-908-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-1003-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-1013-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5116-1032-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5904-2264-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2238-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3149-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3224-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3228-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3229-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3232-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3234-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3237-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3239-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-3243-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-3244-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3138-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2950-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2850-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2757-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2754-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2722-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-3486-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2719-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2642-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2272-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2269-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2267-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2263-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2180-0x00007FFBB3CE0000-0x00007FFBB4680000-memory.dmp

Filesize
9.6MB

Download
memory/5904-2179-0x00000000005B0000-0x0000000000DA4000-memory.dmp

Filesize
8.0MB

Download
memory/5904-2182-0x00007FFBB3CE0000-0x00007FFBB4680000-memory.dmp

Filesize
9.6MB

Download
memory/5904-2181-0x0000000002FF0000-0x0000000003096000-memory.dmp

Filesize
664KB

Download
memory/5904-2259-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2258-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2242-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2240-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-3198-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2234-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2233-0x000000003D540000-0x000000003D640000-memory.dmp

Filesize
1024KB

Download
memory/5904-2230-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2226-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2224-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2223-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2221-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2219-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2218-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2217-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2215-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2214-0x00007FFBB3CE0000-0x00007FFBB4680000-memory.dmp

Filesize
9.6MB

Download
memory/5904-2213-0x00007FFBB3CE0000-0x00007FFBB4680000-memory.dmp

Filesize
9.6MB

Download
memory/5904-2201-0x000000001DC90000-0x000000001DCA2000-memory.dmp

Filesize
72KB

Download
memory/5904-2200-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2198-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2197-0x0000000002EE0000-0x0000000002EF0000-memory.dmp

Filesize
64KB

Download
memory/5904-2186-0x000000001C960000-0x000000001C9AC000-memory.dmp

Filesize
304KB

Download
memory/5904-2185-0x00000000030B0000-0x00000000030B8000-memory.dmp

Filesize
32KB

Download
memory/5904-2184-0x000000001BE50000-0x000000001BEEC000-memory.dmp

Filesize
624KB

Download
memory/5904-2183-0x000000001C3D0000-0x000000001C89E000-memory.dmp

Filesize
4.8MB

Download
memory/7352-2290-0x00000000008D0000-0x00000000008E0000-memory.dmp

Filesize
64KB

Download
memory/9076-1167-0x000002442BE70000-0x000002442BE90000-memory.dmp

Filesize
128KB

Download
memory/9076-1149-0x000002442B5E0000-0x000002442B6E0000-memory.dmp

Filesize
1024KB

Download
memory/9212-2322-0x000000001D4F0000-0x000000001D4F8000-memory.dmp

Filesize
32KB

Download
memory/9212-2324-0x00007FFBAFE20000-0x00007FFBB080C000-memory.dmp

Filesize
9.9MB

Download
memory/9212-2332-0x00007FFBAFE20000-0x00007FFBB080C000-memory.dmp

Filesize
9.9MB

Download
memory/9212-2313-0x000000001BD80000-0x000000001BD90000-memory.dmp

Filesize
64KB

Download
memory/9212-2310-0x000000001BD80000-0x000000001BD90000-memory.dmp

Filesize
64KB

Download
memory/9212-2299-0x00007FFBAFE20000-0x00007FFBB080C000-memory.dmp

Filesize
9.9MB

Download
memory/9212-2300-0x000000001B680000-0x000000001BC78000-memory.dmp

Filesize
6.0MB

Download
memory/9212-2298-0x0000000000990000-0x00000000009A0000-memory.dmp

Filesize
64KB

Download