313b2486fd0fcc5e3187180476ed20f0530b2fc2e99932f8e0729ae013921251

Analysis

max time kernel
1791s
max time network
1525s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2023, 11:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Updates.png
Size

9KB
MD5

0f70c6b267c9d91eef10b7f5bbfccbce
SHA1

19df8ebc6dd635cd0e3c0c7430f819f32e39aed5
SHA256

313b2486fd0fcc5e3187180476ed20f0530b2fc2e99932f8e0729ae013921251
SHA512

cb6030c8ed56cc5ff29f2d35e51444f140cbd4cb19d8f4b7368f0f13df503cb7b55d5f1c2ba6dfa2e9c4d4edfc27b1b00145c853a54c041305a0579ad9c0aae4
SSDEEP

192:wMsnMmWpY1C4B/0vpbKA+TGxqKSCRQRzDLO8mab5K5leY7IonPl0QG:wlnjBB/gxKA/ACRQk8ro7PA

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133374356642138568"	chrome.exe

Modifies registry class 22 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3011986978-2180659500-3669311805-1000\{EEF53502-A5B5-401A-9892-7774793A6E2B}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\.crx\ = "crx_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\潤瑭敲e湧❬܀蠀ᤅ翿	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\⁰䥡ɳ	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\open	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\䥟ɳ\ = "crx_auto_file"	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\\ = "crx_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\⁰䥡ɳ\ = "crx_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\edit	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\open\command	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\.crx	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\䥟ɳ	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\潤瑭敲e湧❬܀蠀ᤅ翿\ = "crx_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\crx_auto_file\shell\edit\command	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4504	chrome.exe
4504	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
7768	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe
Token: SeShutdownPrivilege	4348	chrome.exe
Token: SeCreatePagefilePrivilege	4348	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of SendNotifyMessage 62 IoCs

pid	Process
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe
4348	chrome.exe

Suspicious use of SetWindowsHookEx 58 IoCs

pid	Process
5700	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe
7768	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4348 wrote to memory of 1624	4348	chrome.exe	91
PID 4348 wrote to memory of 1624	4348	chrome.exe	91
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 1880	4348	chrome.exe	92
PID 4348 wrote to memory of 832	4348	chrome.exe	93
PID 4348 wrote to memory of 832	4348	chrome.exe	93
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94
PID 4348 wrote to memory of 3676	4348	chrome.exe	94

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Updates.png
1⤵
PID:4176

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefbd99758,0x7ffefbd99768,0x7ffefbd99778
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:2
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2956 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2948 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4684 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4796 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4776 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4884 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5288 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5128 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5096 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5160 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5504 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5948 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5972 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6136 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2672 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3800 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5716 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5772 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5736 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2728 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5424 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=1004 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5452 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3852 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=852 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5732 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5720 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5200 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=3252 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7112 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=7152 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7140 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7132 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=3412 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=3344 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5196 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=5176 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5440 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7352 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7524 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:2472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7492 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7488 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7588 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7172 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=7188 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=7204 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7664 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7760 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7468 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7220 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7236 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=9608 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9752 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=9464 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9320 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9028 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8872 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8884 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9776 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10348 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=10336 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9868 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=9844 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=9820 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=9808 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=9800 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=11756 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:6688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=11232 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11864 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=12012 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=11980 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=12236 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:4216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=12264 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:5612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=6948 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:6676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=11280 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11088 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12184 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:6092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=11036 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12132 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=2644 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2344 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=11192 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=9600 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=12984 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:8060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=6160 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:7968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8172 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:8100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=7312 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:8148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7320 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=7772 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7100 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10708 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4712 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=7348 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:2572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9076 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9988 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:8000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6504 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:8168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=9108 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:5568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10332 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10212 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:6064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6752 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:4064
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Video DownloadHelper 8.0.0.7.crx
  2⤵
  PID:5256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=6712 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:1
  2⤵
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10676 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=11380 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:8188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=10004 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5036 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:7112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=8808 --field-trial-handle=1936,i,2102773591607215332,1482882419388922397,131072 /prefetch:8
  2⤵
  PID:5680

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1496

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4a0 0x30c
1⤵
PID:3220

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5700

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:7768
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Video DownloadHelper 8.0.0.7.crx
  2⤵
  PID:3380

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "C:\Users\Admin\Desktop\Video DownloadHelper 8.0.0.7.crx"
1⤵
PID:7604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x100,0x104,0x108,0xfc,0x10c,0x7ffefbd99758,0x7ffefbd99768,0x7ffefbd99778
  2⤵
  PID:7684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
f083bcd6a0628fa4aca1d134179c94f7

SHA1
dad1bdfa0fa12bbf89581b0f2349d34d5e48c412

SHA256
598abb8646aa2b6371f79de998960b5bc7a28e195a594ad15d8da9e86995892d

SHA512
33d2a799420f46ee769a83499852bf7a62f4f0887a036a7a1989c096fd977763685c230616429a4840636d0f0cc9eb9f19c415271fade01a10eab5d92d2d3e8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
54KB

MD5
3759b6524d7dd1482ddd6a24395d85b2

SHA1
716c8dd6f5ef61113e42be1ce55edaa78ef22f8c

SHA256
23e4dd91812d8cea3d82fc0d9b347721df8028966b1508849c05c977c992ba1f

SHA512
85745c0b2fe58a30bf66aa1201720bc0dd9a4a49edc035ace4c3eca9ecb4563bdc872333f71e5bc0e442f2c2f90eb56bbd5c8b996b9b267725f6138de029d21b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
39KB

MD5
6a3bb9c5ba28ee73af6c1b53e281b0cf

SHA1
d96e403c99c1707f82ea29c2c1f134e792c64097

SHA256
2f5adfc38558162578ffe112229f10417fbc4b3df025d153d4e22a0c95177740

SHA512
6c4844f70969938339cb6716a834a79e1a8379459c87b983c2518b9cbb560cb2f101aff980f682989928523be6cdc99bde3bfd8137f9c54a58191b900b580fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
9f357b92959f6ce538557933a37c502b

SHA1
d80d1cd805e342beac7a474b98c8754936fb3f1a

SHA256
2670ba4af1694f9ab8854d0e1100c51f748480a054599b5dcaaaf3946742d57c

SHA512
1ff5c64101060db252b113c2b9c8d398c9e3e51ca8cd5d76a6264ea527c658d9ab9036697587549b73117ce0abba718cd971cebe6b3974c91e0bba401f4d5caa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
78cea5b61f35770983d4be66f925a5b5

SHA1
5229c4cea17ef01180f41dbc57fd1a2eb5c7fb8e

SHA256
ace4108d634d9c4e9702688a886e2111df6fd367bd681638a81147a2de0feafc

SHA512
f657e64e9b84487407b98e6cd56833c59fac3533f733daf3d7e3960b3a5e6bb8cc9a32d652ff16ea5ac0068793e291273db668e6511e97249cde84404979ed06

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.dropbox.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.dropbox.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
3ed62fe3572f4a797d2ab5a33ed99970

SHA1
716751061bf15663fd11367da8fb899d504667b4

SHA256
fbe0e4d5b859c6d35fce3932d2058467f0c9b4f9867b7bd6b944a33853d6336f

SHA512
035f1936e20067de6143e4970b6c78677559feb8633c9a243ab00a80b4a4bb5e837c8fead652004622e284f5cff7cd1c07065a4d211a403a176c35bc6fad8dcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
15KB

MD5
814a8d573165e81915a616963cbc4c58

SHA1
bc1e0fef2100650be154869fa6e444fb5f104a31

SHA256
84472209f7b7110f879cdd14d56e6598cd9eaf6b5a487adcf283e3f0d0b4c340

SHA512
aa196c1df1d7e07094b94152c7c3c26382bfd4af3f60a5188152121014b18328c18cdebdf782a74fa271a1716129609a7c9210461f7ac847b7b213f8eb9c4b46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
677f692ddb52fcbfabe0eaadfba7a50c

SHA1
6182d6f8e416e0eb32a23318ba1ce6834825b283

SHA256
766c781d564d947c03779a54acb15cf7d9097916e9db151cf1f8eac5bb695205

SHA512
fc58eb414351b87dd0e399cce447a509d746a630a500470a464aa83846dabeedb74b3e08cc87fb70986cab7177cf660deb62c0dcc0609e0cc607c87e1358a89e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
98fa58b7468722a38cdf987b00bcb49d

SHA1
8a44dd14f840a861466fdc65ab675dac895e9950

SHA256
d7562c82603162f0a0502d99bbd8928e6bc7ed3710aa65f28f26feaf2bae5c62

SHA512
8573de4efbad1fc8feb1a6d0a1a0e77c8948fd9bc4c4e8e9bce44faf3ff52bbb04ea7a6cf89ee1a71ac985beca5079311aa942e2e79475800b4347a28adc533f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
ffdf8f28bb848b874e848920a65f22a3

SHA1
6bd23304a015853f62a4e28fc41df35e54174ad9

SHA256
ecee95bcce7f4b36286ec698123606168e4b37c44f10ea1a7219c97213ab1628

SHA512
482eedf5d8cf5c87acce377b6072c0a5adebc376b652ce8519f714898aa635ed3268d2d26c9fd3d94c286bda6ff6a95f15bba047bb5e30ede89b554caf732ee6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
4929f3edf8e8be6e32eda61ee5e4b13b

SHA1
233cf56ed29f7951f0a56865e637b5ed02927c14

SHA256
5722e019f7f966a933bba60eafdb04a84b1496d21324238c89d53100fdc0da75

SHA512
350dc214d824fb48e25a4f77033b3f3639da76d1727f924e74ef40f74f4b35484444463f5b580702aeb8792ef8833900dafb728521c90067b25218284a088a88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
857197725a3e6c2384b688757ced8dad

SHA1
3ac30b09dedbf7ec3c52049451bfd7b539371e7b

SHA256
f8d7f2b89c1ced539ab9670691dfb3976fb72e73668c83321cb700805b71595f

SHA512
a45bae2be2304a09e1002f6a21565f0692028f3939e6779320baf22beecd290d50027f6ea26b22cc250d50d1e2c8a86828ce4008fc9e9f02fac7dc0a03a6f66f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8a2d48b1f99a6f62003b99b6a0712945

SHA1
7ed14e3ee4262759ad9310a7a80247a99a952fdb

SHA256
9b029f3700b4e9f98ac14594bdaea6a66484b039dca2a9bf9575dc7f6be3c7f2

SHA512
bc02fd2f4c4a16bffbfd6e61cf9d865fd3bd5cb5d34dde046a9ae7df8efe1790122ce14b7254507469a1ff122616554234cbca801bf497dbdde87440f4ae2e9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
45d84042c6f2232f2748538d2eb96d64

SHA1
f91fa1b9a57ce5ab8ac23f5ce2ce405668e72476

SHA256
c33e07541ee7a8cb7a3379b2e74d32215fd04e6983eebaa364523ebb7da008dc

SHA512
45a8b916b85129c2310747b1c614e7a3cad2759b10069a0ef32971c728447534a7c75d5072ed867cbc90b8036163f446e6327865cff319ff5f0ac2abdac4e19a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8bb21a27531b7bc92b72b0af3a5fb554

SHA1
8fda2b9912c12ab282adcb4cd2bfb218e136c35b

SHA256
6012eba391a60abe8ae3764d117e1cff65d94b5d7530204838a8cdd1943b0cfe

SHA512
8384f3072293e378f9efe492621d999b0cfba5651f86f04b016e38ec3c69d98e7b463f982d6051c60c5ff36d4cf57b06cf751399f0db5655ea401ed1c30b2932

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e230a146aaa9855ba4e241455587f4e3

SHA1
6ddf6cd0313a39d8fa00fd445dd52ac5c7e7e2d5

SHA256
ae36f16b5bb7f57f5e97036b989633e39b0f83c3895de786c30985291d221408

SHA512
616f0d8e5e649e00e3d122e54700210a36a8d29735733d1b09171bfae5874f746509c16a74084058e6f9a082b4c78c4a1b4848e4e54623aafb87b4871493aae9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
d95b7c1a8d173254c85e08ee144885eb

SHA1
47ac389eedb7784a13a1d2dd841893072c5e2e4d

SHA256
66039b89c1cd82175102d8987cd534922fc95ac0b024f5b178c9bef89caee5ce

SHA512
24491c883cf34183f532837bb8753307298d9c16fc351d28595f2e7eb3c62e865e93536a1093f6859a80b2a38d0182f92472c54da3e721d17a1736ef363aacd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5c0cc02c242dcff07e7c11cad75ad415

SHA1
92831fe364501ea7632e90647c99a4b0e44baa0a

SHA256
31e917264e02eb4f9bd0bc9abf2a67263aa588d80725a42a5c4357e88071d5c3

SHA512
fd8192735b9a1ead4c10d223beae397de54b5f66077cb4bdf7f83a9134af0f6dc28e88d67b53493bf61f4ca105bc5978de876e98abb86084045edf6bb349e4ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
4cf75a88c504ecedc77e0c1c1f5db134

SHA1
519899298b73464d8e0949c15896aaa19d0bbb8c

SHA256
d2a3fde02a30e7d363c3d5d773fe2fd337e0987be623ad2c6e4c39156d4d120f

SHA512
e96039556e520eebfdda9054c7ec8eab8d438aa626151551f160644c8aa3b7635d11b5aa50fc94404ba019ad9ec79a714df5eb696b1c0f6f874a4ca5905f9caf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
464d3b990404c4ec91e5b69efce296af

SHA1
c73af2bc8c2a9c8cc38b92273a5c4608c31130e6

SHA256
959dba4a8b31aa0163284e66862dfd89b454022f55e42415598e0e48d59fe0cd

SHA512
648810b20bd5c20dc5cc632be5940c97be6307b102535a9e6379148452181e1a8ff86b805f7a97bde2c1a3b24ad82bf8e52d51404beb26045ed96cd97b4f9424

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
eb5193aabf181501b09755e798eb7e8e

SHA1
0f28ab03052bab3fced4306d45c93e1e800b9517

SHA256
3c1a022badb4c89bad28c86bbb444f57f2740e83a27f5bccfb2dd945901b9a4e

SHA512
af8e218990ae3e9d6fda4beb8d4716e1198443a6b80831f761c3770015f48ca819ce2c3d565db2e10b18fa06006c3dcb8032e305ae7e1ea784a1eaaea7a7870a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
6350ed9a9eb0c21d109c09d8f6f4c818

SHA1
172749b0ce0b4a98f512fbbc7bd68f204618e862

SHA256
dd4563085a01ba76a5588ca4a04055a146c752af1fa93b821ba3faabf1b44186

SHA512
36243ee115ce8de60d7ff6506d6bf5331b1d27e6c7de21f79fd1f495de8d1e52c213fc1de1f43d8d70b44064b240ffdc233424d47233a53b741dfbda2bb056ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5b81cf.TMP

Filesize
120B

MD5
d3121b5e67ddfd0d69a1fc26409f54a3

SHA1
d6abd6e3a872347059b5c56f8ba7ff98eaa5e947

SHA256
a810249c7c8941cc6a5dba7b0e2a3862117c4fa7e5fff684ea32feaca46b9b8d

SHA512
21ed94119939297921c14ef0b890f647566e8716c7ff8c30e752e5a742561dcfc6de6c26cb29e5f2d2166cc57c88f446dcc88bfa80e0022521b6fd28dac1f568

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e1c22864-169a-43b9-989c-c4e857802350.tmp

Filesize
6KB

MD5
13294cb5b97141ca00326d0e155ee26a

SHA1
3fcf74a130b9ba5ee74e9c897559ab224a282064

SHA256
a46fbe3f259a749519f67ea06e28ef3c051c86a6ec95d68a8c528f5081786655

SHA512
50f6d8dbf1b04db1a31ea0ca403ba8ec98f8dc15275c160dd67922e83f10823d174965d1e59c166437228a3dcf05660f9ce10c3defdfc87f112b3d38cf69e6ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
a823be82d252aed3272d22a9ead350b8

SHA1
3cfeb318955bd082317a9f73f787821dcfa73171

SHA256
c851da7a1a6b5aa68c7b3fb67aea7222e4b032acc5b5aa6d280f97a0d942bdc1

SHA512
93569e5b784ed688ece9828ae4e8f6e01e9924b0f489cd4b9dc1d0dfc3bf31f3cfbae545ff331a8e24e123da004efb5e912589365631aaa1395b8d8a20c5e634

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
c99f8e3ca59ca7a4b76ff4ee0a736f50

SHA1
be51c0a71c60054a554ca7bf2fa1eced367d93d8

SHA256
c0b3fc87b22edfb72c84eb6f2d05cb657045ecb0b778ce330884fcc31d5ab022

SHA512
c13b380721b40b7d777d7e75c3f2884fc0717c9e42944cb7fd73beafbaf4d98007271ebf4304af7c69d26359f5bf3f93a9d23b644cd739b840ba502d72bea6f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
3df9d67bb55c3c3be0b14aac9dabb364

SHA1
99b322daf64138be0a2737d5d396ed4588aa1af0

SHA256
274a565a5e2d353c4ca6ece0671e9d93f9cd33d4aa7d1eb8e9e2cdbf79478049

SHA512
64455f4cf7033fcd1f02ee908314925f15a120539b24f0ec913607f902b08c69acd76f97f1c4ef5ee0e845c9d67bb7ff21aa6b58bc179e16f633ea9fe4983bfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
678e813b80ecd2f6cbb16ac2ca7cec3e

SHA1
92ba5bd4774ce7d09dcf00c0af9e18cfe3002975

SHA256
222476212ed9b5ac4cd07ee4a734a40436b91dfb1c31aa814be84680cfaf24bd

SHA512
827f5dcb75146360d473b32c1854a7f150a4f5baf7945468e23cbe780857a98cd7facc9039591c7fed2fb1856b58a5f774ae80cc90f5260bf33b85bb81480f22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
c7472a573810a088bf3de7be03d52c21

SHA1
3630a4683d20a4950aa2ecbe5699d957be425671

SHA256
7b7b445a8f7b2c81e4af478030d40f42c45da29f9c5b9e9a69c47b087fb099e5

SHA512
01a43749c37d6a04f38e2f409acd86e61ecdc0e42f16808e687e6b4c756799ad43c78e1b1c62e00c9193d50c4a1ecd0c90e88ad405779ef0f3764431ee8f4720

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
0940b2a129513878b1e3c0e7f761f053

SHA1
b8454904ab8f254729266c0d4cac26ed5a43e7a8

SHA256
42db0710530ab64a520c2ef2f1cdab60e05ae2bd02d929130cc0e26d47a02658

SHA512
56523cf73add508ba9e5e1906479db4d9836b1132e289c2e5b0596a754d64f159bd5034734ddd35b1c86d2a40a89f7c173f4b1280fda59488e3bf77628679690

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
ad7e537df861710e6c19cd70ce764207

SHA1
5e555e275034f7248a10c4015c4cf29aa39724e2

SHA256
1f986425a1771b7ad84041e5aa77b478d4c7b82d74452da807e5cd15de32108b

SHA512
810b29b6626c6755c587e9745bc2f73c5b5840a476c155be487af2e5336ec5faeddd477f49459e5a5741cb8e9d384aa18c3cba331ed06c2562203ac5f2a56536

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
056ba78e2caa5bf28516f283bc9395f8

SHA1
5b9caf0ff5561bacf2ac8c30ad5caa456114d755

SHA256
4e2ea2684932f42c00d4b46e08d1ba89dde714ec88412be134431704a45b0269

SHA512
80dc9fe2501774aa52071293d81c87dfbea1af79c0c2919c5e1516baa502234628aef00614cc8bb7f2c4f32d5c2ba54cb57f27c3473bb55c0ed67faa44b76bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
178KB

MD5
4e7ccdc421eb5d38e76cc7bbd502a9c5

SHA1
24d9ff85326a7d4c0ab1437a64d845df8742315e

SHA256
294c8e8dd335b6f11a8cd040dd19d9131f94439e8b622fac50c7338c5d5ee973

SHA512
3622cba4f595078808d5427db8024327f1922413f85dad810131242842cf61a5275bef4df2c962388478d147cbd190b1068fdb119bd29f0d2ff389d1408d17d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
3b40ca1f75e47214317277729a6f3362

SHA1
6af3eeced590854742b4504480d5f1d3c20fb204

SHA256
4e7753f8ff48386389761505ec4157959d898bef538c2653c0376feb329e2039

SHA512
99d50fab805a2f02d275b2969a33fecfd9ff1c6f03f23b5701b0aa3fb79198ed9628af89900ce3882c19f6b0ca323478aba0b04f369c4b7c01cfed8fe69d438f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
104KB

MD5
0ccfd1f22f3d951e4418b3a79ed5d00b

SHA1
f501bcfb76aa30f8ad1b869038b6c70b156d495f

SHA256
650f734cad39bfb7506f26f4f540b8daad68847630b1e4b907853f70b85f4143

SHA512
f8891e0f4f6df65a8c6801718ef90dd9551bebc4d554822f829c5c632cff0ed6e758239337f5fa40f16d65e4eddb935b18f2b265f9e7445b1452da16a5010233

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
112KB

MD5
8cf55b59373b86f3ba650d67a8eb5619

SHA1
42f5a779afdb31b9f96d8e5ac6ca24b30ac71855

SHA256
74dc8429d7160ece0ad363a94cebcab1e5c0e48773f77b09a6e59cf4c4d89218

SHA512
dfb3d975baad01e4807897f29f041beb86c3317d80a0c6833d40a38524e84e53e0b8fc95b0250507f70251645e8613b6dc31df54de793b6e6ff6a1b730c6e778

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
116KB

MD5
a402b35f0dcfddc0a556e5ed7985069f

SHA1
c6dcdf3cc7b09ab9120bb8ecc72ea8dca2e3a3e7

SHA256
cdc85678feff8a0511aae2911134a50ef449d1495cdc75da02bc3aeba3758457

SHA512
a252aa52d48ef7e932fbdeb151b8f6e96e5ca9d7696fa24086c7841fc0759d9e95398464c2649ca21332aaebf232fa8542960ac295ef5ea33cc8c83dbb780099

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
116KB

MD5
12f1d06dc913342b020b00aa5fb63ff6

SHA1
9f706bf7859e2addf9bff41f758a23ebcf91de8a

SHA256
722b694c98976c0aca94363bd1f1f505a54c91737a65b231d7970247975abf37

SHA512
96443ee7c497608b324aa88a7ea79648a1eb1fbf3cab813c71315f070b81775f8e0ae8d5bfabf8f4de7ceca7cead13abfb45d2f3783f78bf1fda353461108f0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
119KB

MD5
44c0b7bcb6b1d7588bd02eeed435297a

SHA1
7776448e16442605b749ce64770e588664bbc8e8

SHA256
e83b72a277b6258488313a223f7a69e9af46ab9e66de890f8f3bf0a0e6ac1783

SHA512
73cc2c65aa33631b633e004032386248f5c7cdcc31ec43479d4d3cb89320230574949ba544f90c46bb05bae567d5e5140010a6bf7eb138a31d115176f07b836e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
122KB

MD5
d455201141c898410933be1383d0d1ad

SHA1
b7cb4742a7103c4bca22e9f5334ef74b2389eab5

SHA256
0ce004ba452109c9b6bf3e82d2cd9dea8738ce329c8166c8203c178f6eb8522c

SHA512
77db044959c0993622a2ae9751f64877304fb4a49f5d4afef429758a1fd2908c589e73b0e83505d6536f27593f6f3504b5e5fc50acf26817081acc9734ad9d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe580c20.TMP

Filesize
97KB

MD5
b7f25e205e0e6f3446eeecf3000bb32d

SHA1
e630e0305586478b0b6d10400d26ba724ea26848

SHA256
e67818374feb00487f60547a80ad88f99bdd0b79c09f42eb72943aa530cd9283

SHA512
82613e362e4a131e5062e8d00b754d7865e191796c60e738192a3c3148298f2d17293518a21b0732d1135a2d731d6eb97838c3b39daf3eb89af9ed82e9bd0219

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\7be6b663-0565-4405-aaa9-92366538770f.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_2042643646\CRX_INSTALL\_locales\en_US\messages.json

Filesize
42KB

MD5
c302f3bf1de7f9f9b3b00de3a8e9facc

SHA1
d795ce53189336e3343517ea4d8966df82d9ad63

SHA256
b97052643efe2d7ea5482d705aaaa59979eff3fb60e3da7b56b45bd28e09b257

SHA512
186e6e920bdbf78254191209e46388cd04331a09b193e76f548d579e480a5eb0f611a9ac186a04d2cc6f06de99db476f901994856bc49f0d09f24d6d7924f5b2

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_2042643646\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
2c9e24d5a2c4c380d7cbf88449f9a630

SHA1
4758dd8107e6b8cd240888be0adf206291da5467

SHA256
605e991c81c980fd24ca1fa5b96ec25ed52ccd919335152cb4c62c4c251c450d

SHA512
9e8ea244f9ae02b5208f9e534d551b3fe77f909e167c392ee98a34d63de928cb0685332b6ee2e46188647dc71e6e9a9f120094c61c2b0ec5a630649817628f5e

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_219581649\CRX_INSTALL\content\dwhelper-script.js

Filesize
10KB

MD5
eb89fa87f30c6a18d160ff9a1340faec

SHA1
c8ace0795643464c22cfc8bcd1e997fc13d004be

SHA256
56e27f86caf597f0c706e5d5a5279d3f7faa1247e52915e8df0b7d7867793c6d

SHA512
1fda5043296df04c27d832bd5dd52b5c1c87284a9c1d6dcf80e2a8fcc0fd48285076aa894f0437565d91a15b18368ba8d0fe43fcb4ca65fa055e44622b46c4f2

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\bg\messages.json

Filesize
30KB

MD5
b73a50e92e6425acb14bd90916987a2d

SHA1
d374b2186f54d7eae3c9009074065d5d27fb68d4

SHA256
bdbd28230867e338056e5f52795d57fee72c8ccb1cd2b974337b7a5a6d3c5e56

SHA512
8492e45991ba14320008ac7e8382cc6998eaaa8afa84755876762e2226377f618fd469f3f695970d8e903815db5f05538a99cf6b94e72c5caacc06b4321e80ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\ca\messages.json

Filesize
50KB

MD5
820b5f9f139a8a1b68756ba371cd1226

SHA1
d5ea2528d7149776d21ceeaed45ca635cb7e8fb1

SHA256
79fb06bf121f5b1b7083906d5844c7bf4530ae316971706f712470f7b457bf56

SHA512
122b06399eaa7e169d2165bc1bca46b0896485853b47512a691b043f759ffce059486017eb6561379054c5e0a762e70ea7fcc7cd88e0f7b7d9b276b035aaffbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\cs\messages.json

Filesize
43KB

MD5
4f2812ca054a9c702b8bee50b8801b27

SHA1
3baaae6abe96f4876cfac3119aa6b8f746ab8cdf

SHA256
02e0eed958063d2c4c2087a8d379371bd9cf67e9e429b451c4307d4707c5c326

SHA512
1dd5eebc6fc4921a14a93b739eff4f02e7ac888696ee538286b3739198e94722aeb35ca34a68a95c682acc171a8a2de286f3add560d215c90767d02e25de1490

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\da\messages.json

Filesize
32KB

MD5
1dffe2b3dce398525015b91c093f63ee

SHA1
764d49bd8d6535d0074a2b5c041f55d799a5f96f

SHA256
d2bf871d486956f2a68bcdc3da83e1ba1879433e8edf51b0e12f1d0695a74b2c

SHA512
e74116ced6458f1566e6b3be9af0124b3ec8ef4c3e797a97e6b70ea847375795a551ec4badace6135741aaf796126f37e151b9030f933736d439423a74e9a6fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\de\messages.json

Filesize
50KB

MD5
451cc55f7008f59e59e6cc468dc6e37a

SHA1
e3c184dee7dc924e29b8caf45c982e06dc88e45d

SHA256
aa17aed878817b170883a82a878b2d39a345aa1846189a68b50dde56bfd5b734

SHA512
d75883d0484a5958a142f89f502d08556c155d2535164504f6066a2697fbd122365f214eb1cc669de8cb47f10c312a4879330d6eccf601525f75c1653cc26c26

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\el\messages.json

Filesize
58KB

MD5
83414d38c86231a5159566206a1ff62d

SHA1
dc1507edbd0112681c88dbe962556fdaa38e7857

SHA256
5abc1de8cae5ffb37c99330b4bef2c1dea4c3b6ca043ad8b077f9b1eff0d0ea1

SHA512
d5e7a0b6cce3b7af2a793c982b7cc90fa0cb198be665bff244e80110d7585e559c75643b1c6665f6400426c91891908bd0bd06d9064557f261f142dc199946d4

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\es\messages.json

Filesize
50KB

MD5
4875020c1401f4e8b4d1d6d329c56f5f

SHA1
d71f25070d18d01bb0ba1b8edafa8fec2a2eebcf

SHA256
ddb1147fd59fe02dc29e2794594aa9c4e84837b38fa852cb584b0a1c8523bb96

SHA512
ddb49b06aae9eed436bc7353a2509f78f81ad58bb4d2917844ed9411c0acef239c578f4c77adf3b41ebbd72b18f805a09af99fc0ae3e0411fb09caee4ecaa8eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\fr\messages.json

Filesize
51KB

MD5
debbdb4844cf4fd79e314d8abbcba1d2

SHA1
751de0ca8c8041a6aa6797a155e415add727d873

SHA256
3ba12558c22a2255aeee622b03b6fe722cec9b8c658253a70408de08535a75c9

SHA512
6603b8b0edcf7f8b8b234536666e0cd1b27ca82f717fdf1cfc4495c58baed61e92a01d83289eb3e877bad1dc93033cf632b208cb83b221bc07cd54810560cab6

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\hu\messages.json

Filesize
44KB

MD5
7668dcc48f72e25a9324595526912af1

SHA1
edab435ef8639ea699fd837db1cd5479b8333936

SHA256
0bfe9e6aaf8d355eb725538af6c2bbedb665989d50cf171e997135d5199c57ff

SHA512
dfbdc9140f9dee0fe53992e3420b008800020a95d8c2a4e545c0b7b69deb6f5c8cb3f674bd21d10972d6b8867a1e2728185602901659952962cdec0802329d4f

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\id\messages.json

Filesize
48KB

MD5
c94a3f661d5b91a87ee90f04d92505cb

SHA1
e9e8946b9dd7c9d2117271025bf5dea3c2ef9940

SHA256
09327cc829e377f3008a41b50b8944410eb52fee11f2af182f4dd72174bfa274

SHA512
2e5de830b6d03813e2571e74b25785f52143280b2b31fc22a7276de475461613e7217ab15cff324dab8615418b2ad494d4a252c6cf434f9f10f27b12fe93d6a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\it\messages.json

Filesize
50KB

MD5
34c7aa6ed819f0d864a17390df48a247

SHA1
1d0e3cef73d4a0926be821f5a6b6df541fe70283

SHA256
78bb933d7fbb5bf096f3e0db9bc602bb7d87e8005d35a6c30dfe98e7c94ec1fe

SHA512
ac4cf7664d6d699e549c1670abca30eb7a31b4b9787f76915b6c456298291156c9065f65920fc088042bb2c8c10e259c436c781ba554208a67286530b9237827

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\ja\messages.json

Filesize
50KB

MD5
997f5dba08a38bd4320d293156d92b2e

SHA1
df2269a695ba7d4f26464f890ddf12adf1d5ef37

SHA256
a65259e1251382d6d05b4d36321746fe6f81a65e17e649db85d787c3c17bd2b1

SHA512
7541b2e347cb93c87aa79bb085866c7695a9e911a15af4807df2350c43d680684295c8a43bc4fcd08946366cb70feb1ba78d8deab9228b82c3e9c3282c16b8ff

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\ko\messages.json

Filesize
34KB

MD5
cb34ed783953b3fbef8e12c5ca80a79a

SHA1
c5b87addbd164f03aa06d97f84474e5b11b5c889

SHA256
b046df99648276865b3d0d341ccb9cb0e48324d428974e8a94856c076c541f00

SHA512
ac8a9ba772f0a4ef2b130eb8318223990a72bb9e7ca050326d1446d8ba9d8ded09da4cc4aace87a73ceaf83c98dd10b3627b17d362396498ebe019229df04798

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\nb\messages.json

Filesize
25KB

MD5
4ec8a90dc54174db146d591af8eb22d1

SHA1
39dc70ac12a760c292e1c3d4277c5a74d365356c

SHA256
72ca7a0a92647fb53d1878310d60c19b4b12c871488c09060cc0a8b4f9fb3661

SHA512
7386587de8d4069a1794823b8ba92d9de20637773123bc283e48fcae407d6a2dbec23de4ce78fc328465cd540b1539820e52e796c76daeb5f47efaf35b7cf1b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\nl\messages.json

Filesize
44KB

MD5
b3c18cfeed93e286cdc523fc4f48aa39

SHA1
ab189ad8c4b06f7febf22a7ac78aa86bc0a61c5b

SHA256
3f9aec967fe533793cb2f7edfd7f5d936f767ff83d6928456f7a7d7506c32b82

SHA512
d428ca56173e1728f634ceee4897b44ad5ba6f260186d339e131c1e4a6e12eba2eb9562fbf7e80302e7f5b925e35bf8dffbbe5c10fa2147a1392c18527c7ddd6

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\pl\messages.json

Filesize
44KB

MD5
908f7830b25bfe2591ecbea1de72a819

SHA1
ad851c0fa4823d37fca712271b4b2e276142a341

SHA256
9922434529ce544452856bd750b8696370b3bae1ba53c75e1dcd63f818563d8e

SHA512
bee2e3481ced68ab0fe9a5356a5400dd3c537352f226d9abffe1b44d532576092b991b0397c4054fc99f231950be4f046e2bff8eb6ecfb30a355765172c0cb89

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\pt_BR\messages.json

Filesize
45KB

MD5
5b9c0c9667d568a4b9e8ec3296c3a881

SHA1
d8a0ee2377b47aaf110212d7c6e6ff48585be8ca

SHA256
e6f8af520384da540a159c514c75f852bbd41d0ce69cd492aef1c0a49ced1f01

SHA512
92dfeeb7433859f6c76b86ac7f066a2a8904a0d3f902e17ac7a95c6c7002a05fe75835be3c04a7d341a743014ae32e163da2f1e2d1846e17e228d5c506d078f8

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\ro\messages.json

Filesize
25KB

MD5
53cb3583adf67e811b409d855ef92ee8

SHA1
740712d0e7b73c20b2821491dd3c2147657ab09d

SHA256
4f037fecfb637455291bf3722ab2ee3b166791a4db12b18083fe9961d9ecfe20

SHA512
2eb9e0ae50965cad7c67a00453a90158e643367854d234e92895dced4444ce48cab995c28b912a848284ac29311d177cb60fb877cd1b6028d60e722c3d65ccdd

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\ru\messages.json

Filesize
58KB

MD5
c087e85abb29252ede606b8f93f31f48

SHA1
a58dabd5465e82e93882c7c83399abd8cb11a87e

SHA256
179a1cf2599d0bb20773724a17fecc41d4bf7a6aedd85cf116d686d15cfd05dd

SHA512
d02074108e68d037beb1bbba6b87ef65da3df17300a6e6c3a3e9ef4b3b3581cef83e08566f470ac01fbc43515fee3380a334b83d067768db68a062ef9ace9763

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\sk\messages.json

Filesize
49KB

MD5
899d8d4fb5d20d0a8ed6b1fa1ba501b2

SHA1
829e99a387238babda437efae7941c35d96dd766

SHA256
675e6b146c940f6717ef03181cd36e88b7e97104315dd1809f0a9d80dace2bbd

SHA512
66cc2c6c8c8c5795f82706bcc3847a6c278b1f9a106f05358902be3e118dc7488af88f3ca9d971bee081e503814470e44d08958dda86361b95288417d9f92412

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\sl\messages.json

Filesize
43KB

MD5
da32420fa55e5005111ba5541e15330d

SHA1
90ba6805380e2bc9bffba9fbbbc9201be362e4af

SHA256
ad2f945b6dcb3e4aa256b4153dee2d9032ba4ffb442a52a1f2d78747d2b0b576

SHA512
81542c03a3edb19bc543259adf06b0ed6d056a8905bd5fb6e33a81a4e99b31d98aa4cc0b66334f4c61f5cdf937d645dc809397fde6fe296b7d5627a873475fec

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\sv\messages.json

Filesize
43KB

MD5
034f9cc9126f4a6cbc0731426502c6fa

SHA1
c5c7b96e277fcad15d89c7731e3a7cc76243007a

SHA256
836a5b0d703247c0d851c24b9ab8b544ec8a9850fc75a5df68b573c585735a86

SHA512
b78ef1246322e5bf9bd115462752bdd5a6bae70263b2b17657cdf0262210d8339f12451cf672d1bfc76eb1d5a85eeec5be8e858088b0807aea2ba3c87c69e48a

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\tr\messages.json

Filesize
48KB

MD5
dd0e233426778744c910bbec9b9048a9

SHA1
b9f264222ce65ecf73a7ebd66d0a03054a273269

SHA256
97f79fc19963d502586d3e3d2c38ba5ba462b05e5bc350cc0154ea69c456fb3f

SHA512
93e463f0b55fda1732a2da68d6dfd0378574cc4f12c7ded5ee04b90774f3e75b52095a2a3795a18394e9db10fdafbee4033c628525960d7f033154e5f3d895b8

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\uk\messages.json

Filesize
55KB

MD5
9910447eaa143d58b2646701c48587a8

SHA1
53683b9282900c00668d79439d11b21f6aa68aea

SHA256
f5ba15f5e7bef0661c003fa3d1b6437fd55e024622e01c76c7847d22cb612bc9

SHA512
6c82576e4030c7cad1fbd481eaec91c1f5358767b1af53ca2be05f9014d16a2aa76786b85bf60e9d2518ba1fc7c395e53d0ac8a945b868aa5788987d58444b1f

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\zh_CN\messages.json

Filesize
41KB

MD5
190c4754284219ede9118c06d85b6d27

SHA1
9b8e0cd8ea2210e878344589dd917a3a9430f11f

SHA256
401481b7d907458f3a84e285d2510a0897a010c963a19f5bc93ddbefad56fd2c

SHA512
5485b2d897bb2f20c2d7ddd69b6a4e5324b69b4ecf9be450a4e15387d521488876a9cba24240a5660c98469fb96b557d2b415089a0c85b8103658129442c1ba5

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\_locales\zh_TW\messages.json

Filesize
41KB

MD5
b175f7e6ec95084ba6c57c60f75248a7

SHA1
89e0152e4c3f2de73d585015e68ddf4dd342aae3

SHA256
32cde29649ed4bc6c986a67365bc3ecf0d86fca07b5903943483ae905e60b341

SHA512
6770052d6449914c2d6b08edc7cf8d2fcbaf233172b01e58f2bfc940f4003652fc76ba7840d91eff824c7afcfbe3f6386f9bd630f3c4fcd0735bf5f460a40588

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\content\images\icon-128.png

Filesize
19KB

MD5
c1ee6374f46e92122a059134d46e07ea

SHA1
ea31b93c32668eecfcdb76ea45c3a709e7ef939e

SHA256
11bb829fb759ea9ecfa046eb6eafbefd49a7caa7d7188d28834bc661a637b64c

SHA512
7da51d5498d59510ace0163e8dd06fb3487bfc35e5686ad56ec39eb781237bb84b9676289395cb9654b8e3ae89fb5db97ebacb8ae5a3e8e7a1d41d200c4fe143

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\content\images\icon-32.png

Filesize
2KB

MD5
66e1ec0f9f1bf37976e6c98e15057d32

SHA1
97c2cc0e3ca3d8bcef9c95cb0c510ee03364c542

SHA256
ed00a83c6433c91101e6884ed997217a41711714b0b26479ba56ef2845905832

SHA512
460074da1fd6f5f9b098937898abed9e875527a4c57c6309a9d2529e9003b0551b0939105526707936890b3d5359a8c5658f4b8d016772ab19d8b9483e525fd0

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\content\images\icon-40.png

Filesize
3KB

MD5
bdaca314657b5eaf3823b2f830b12310

SHA1
ca3682e235995a8404ddcb494f64448e10512a96

SHA256
d13eab059c204e9473b5c87513eb3d25dfef771937cd665b9ac51164a0a38006

SHA512
c3cdff3ead7f49e39e668500fcc771034460090cdd67cfc5c72667bd8b9910c45239999cbd06d1edaff671543f6535712a95138baf6d9d8fe7dbc90466b5f764

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\content\images\icon-48.png

Filesize
2KB

MD5
e563972d8e64930d0d07f21882226a92

SHA1
6fadda95d08b317724152e8a70c5bc08a4f4fea0

SHA256
98867726ae1df4f95c4db7fbaeb8730992ac55064918fb092d309900d0129f66

SHA512
b1c68afa95f05b110dc402e18f825982320013fdf3678df1f4445b2cb0006c92ed406edc9f322e5d3eb7b8653ff01a313f7666028ece51602a959e8aca7eb156

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4348_280066845\CRX_INSTALL\content\smartname-script.js

Filesize
18KB

MD5
37e98d7d91b918e12f7e75f470d4a987

SHA1
3428ff7e0dec9f64928f5d578f15e9644bd98db7

SHA256
765bf7de4f3015480f098e122f8f5678a83743ddcc3ae8b6559b5ace6927e299

SHA512
d7a37782b3d70d96fe11aa9265ea029d568da6e484a4a9a159a50ac6b58aa0c1d0f9f92043e8f1533b21d36d4af36172739510b3341972ed2f8964cc3128353a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
9KB

MD5
f5a154d6f15d03a2e44db4e41637fe66

SHA1
97d315ce7fd9a191b7bb31c7120a043557146c2f

SHA256
9cfbde5551d91ff7a9f9139b79fab05b2e6b43db095f0515c76228e0dcf52c3d

SHA512
3dbc1c5e93450ea3f46caa4f8a03928d28004c0882aebb242625b334a6e3a50f314070dcbfebec0bfadb30984178ce7c2a1edabec537564c5b2afd4db27e8ba0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
11KB

MD5
dbf3aff12c02b50b845df640b7518224

SHA1
7717adb3167667469e790f4ca46cb0c5d42cfd13

SHA256
4b22d1c7e4c2cb3215ae72e02f21e458c3d975a3c90474e462e924a71c8f23d1

SHA512
58d0eb3d4ba2e64382ac7f2e689e520d6f76249eb0dc632f8bc6c9a9b045c05ff97a9ed09ce3417a7c05fecd670338f1e4303f3865ab7725db82951c260b8184

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 835572.crdownload

Filesize
816KB

MD5
20df53c04d65a4309f6c658778a63d87

SHA1
63640fac3354a298df5adb2f449b99a0d305b7d5

SHA256
760d0c75ec006e80789fcf5a1c1d1484c48c89145173cac6a491864de3301e01

SHA512
90219fdc1ace37ce24a3aabae513da3cc9080865f3dbd9bc93a68ce13f9e0e9469e1bb425d75e54ffd1a88d715cb340c628307e8a19e87f1fb78f1ea7a7ac657

Download Submit