hxxps://google[.]com

Analysis

max time kernel
139s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230824-en
resource tags

arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
submitted
29/08/2023, 23:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://google.com

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x0006000000023201-992.dat	upx
behavioral1/files/0x0006000000023201-1019.dat	upx
behavioral1/memory/5712-1020-0x0000000000D80000-0x00000000011C5000-memory.dmp	upx

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{EB4F119C-9819-4FB8-96B8-3FDBA917ED03}.catalogItem	svchost.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133378242154800088"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
5492	chrome.exe
5492	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 48 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe
Token: SeShutdownPrivilege	2256	chrome.exe
Token: SeCreatePagefilePrivilege	2256	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe
2256	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 3784	2256	chrome.exe	84
PID 2256 wrote to memory of 3784	2256	chrome.exe	84
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4036	2256	chrome.exe	87
PID 2256 wrote to memory of 4228	2256	chrome.exe	88
PID 2256 wrote to memory of 4228	2256	chrome.exe	88
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89
PID 2256 wrote to memory of 4188	2256	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://google.com
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcd1c39758,0x7ffcd1c39768,0x7ffcd1c39778
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:2
  2⤵
  PID:4036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2200 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3200 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:2228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3228 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4452 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:2896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2392 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4976 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5320 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3360 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5008 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5624 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5796 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5956 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6112 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6320 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6436 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6608 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6688 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5964 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7096 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7352 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:2956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7492 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7716 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7864 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8100 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8168 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7624 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=8384 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8528 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8632 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=2392 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7272 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5320 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8960 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=2776 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=4960 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8248 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8580 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4372 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7848 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=8364 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9476 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=8568 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7668 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=9524 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8748 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=9892 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9904 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=10144 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=10064 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7852 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:6908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9372 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:7004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=2828 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7248 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8608 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6764 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9012 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:3948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9540 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:6196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7228 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:7076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8884 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:2484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4460 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:8
  2⤵
  PID:6480
- C:\Users\Admin\Downloads\Reader_Install_Setup.exe
  "C:\Users\Admin\Downloads\Reader_Install_Setup.exe"
  2⤵
  PID:5712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=10344 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:5988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=8104 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=8244 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9812 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10488 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:6960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9492 --field-trial-handle=1688,i,5993817856918005183,2710710252082727935,131072 /prefetch:1
  2⤵
  PID:4584

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
1⤵
- Drops file in System32 directory
PID:4960

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2172

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3f4 0x2c8
1⤵
PID:5480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
39KB

MD5
6a3bb9c5ba28ee73af6c1b53e281b0cf

SHA1
d96e403c99c1707f82ea29c2c1f134e792c64097

SHA256
2f5adfc38558162578ffe112229f10417fbc4b3df025d153d4e22a0c95177740

SHA512
6c4844f70969938339cb6716a834a79e1a8379459c87b983c2518b9cbb560cb2f101aff980f682989928523be6cdc99bde3bfd8137f9c54a58191b900b580fbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
301KB

MD5
f3c43ebbb0eaca769c5bc12531ef0f2c

SHA1
b275298e58e44605a8078a8df9b9e8ad7f3780d9

SHA256
01f56edc3da0737372a32a3b570c12527c7b6c1ac8d1706cc555b29b2e379500

SHA512
b3c6e4534c4058b1dd0c2d6fec816ab67a460757b27c7032af31ce20f0960419d6dd01a3c2cfc0a2daf2e4c08ff646413750dba71f97db4dcb8d4b1b6a3f8bb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
108KB

MD5
63874e0b14e305b743fa9ed438a0ed75

SHA1
3c870ade7006bb0ab5b3fe8e41760fe26c197e61

SHA256
bb145fdcd5d9e1a3b84cc5dea2e09f60ce24fb873bdf480c75f3de1f4ccb8953

SHA512
809772e16e231df8ae127697b22817a40a54bdbd3c6013d9dec3fcf5e66f6bee13aed9028fc0c4ec23235ddc51f1c7f55a2374ee6a93f8f0f43182fda471f973

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
71KB

MD5
e6b53809b61103227b18cebb14fc4b78

SHA1
1da12ed84d56b0b1a6abf19274c70f3a9c55ed37

SHA256
e0706ddda79ebbc36ca014c0ce5eed8502b39ae030a36fddc12386ede6063e60

SHA512
1efb84b5913e51fd394fa2e317839e6a76f7333302ddbe97592ece61621b5e9603aeaab0866a7c7f550c9868bf059e01074126ba3926ee973239e005f46347b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

Filesize
28KB

MD5
25beff149185bb736a33c3ca87ba9253

SHA1
c44cf25eb11ff967a68c2809d4b0017d8458521a

SHA256
f414278e7e1b5c29be0617edcc9c09ed6beda41a450e1f547561ab69cfcca5e6

SHA512
3c382c068cdd8e6e4f3f8fc50bd5d62f0cc903c1b6395ef78027b4becc60626b2a813e18788b67b7657615c55ad304df6e5cf64c1648f0326fdf72b1c1698d3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000080

Filesize
56KB

MD5
da42fe3f930dd74503e4ad64f189a94e

SHA1
4769c4ba7d418401fb36a2a8b4f08a6a90e7336b

SHA256
d4b300b79a3e1ef81f249ff8d21144a70ca4436bf34755be82b32e22c2bb69f2

SHA512
f21d05873612d7cd158b48f83c040e368e18cb139fa201e81378e4cde49ba92ff739eabaa1ae99b5a42c65ae10ba41131f9314c2190980e2f51f4bed28ef7bc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000083

Filesize
77KB

MD5
fb600d87f403bcb3106aa2e13cf845e9

SHA1
613ad31128c3ee99b19b7f24197d4e6d2a6345f7

SHA256
1a03564c205e07669ecb8aefa081800849799700dd2ef40f96746e9c01c29685

SHA512
dcdddf658a1365646a4874c4ff94dc3630648c71cb4cf123a18e37838e1c15ea356e7061db6186e40ef75ee69cbcca91428e877ec01ebde6e277e8e4db09716f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000084

Filesize
523KB

MD5
437d21cf382c6340713bc8d0445fd1a2

SHA1
8a5fe3cb842f0dfec236e6261341081d4e33b24c

SHA256
9a6ec1f8e062ba884376506c6b5e3416e4ee1947ab31b6c8b075fd8a5075a110

SHA512
a3fd0413eac9cfd7da3455bb0d504d217351f979a330c1fc5f29865d350e503a39b52afb0ebfa265e129b44e04672f7d96e976c158ea0ed0a2c56ea978ae0416

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\291d4c7ac28bd4ff_0

Filesize
2KB

MD5
794bc7ea3ba664fa8ca62068a05cf290

SHA1
dc75ab4595dc98071ab5550777bfae70e7ea4b6f

SHA256
c7d44439aea6416ef136a1117a0ab4054dc6c4eb5693f5298b8dcc9acfa07fd9

SHA512
95efd6aa1961b359fd0c1ac7dccae55fc1138bb4feedd5d22a3e8f17826ea1647384aec678f4e8ca0ee7c4edec2aa5978c021f8dcdf30c6847a0f0a26968ec2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64d5ef6d5ef585ac_0

Filesize
1.4MB

MD5
6394bb3b2e46dd7c3b4a6cafe4c18a8d

SHA1
864cb9a6da901fea250de2552f17bc3a6dc2a38a

SHA256
8b586bc1603ecc559018e1287db400519e29b54b58d8edaa3f4ade4ea3ad0084

SHA512
c2baf51b0c28a8c7437b57373043e40c6079f9527546c78e401cebe02f55fc041929e5dcc41e21a41cb73838438d375f75049aba9932d6dc8133b012f963ff70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1ac68eeb03027e253d9164cd9f0dc260

SHA1
46b90ecdfca659e7138a781bb0fb34b8d30f7ab4

SHA256
f13ecc8012ceef30896bcac982f8b4f882f0ade7f098df27b9a0ae7734035bec

SHA512
475fe971c01abdc2b16bbbd5fe358c2254fd0ec27cd0d7e1b1e2d7e423fda5d9fdb8126695f1b5076b1a7eb86ee7085399a5c08b7cdbbb066fa865f9d4a5ce3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
7aab317ceac1f47ec0374948878259d9

SHA1
0539371e766f1f45f9e977a042ed35862507e04e

SHA256
8532f650f89cfdbd9376b35dac2a32ffc28cbc47961b3685a22b1a1d1f0e7715

SHA512
8ac27c6ecf6a53a78966219aaf7c908300d0c5deb78775fefd925508245a6bf25f6f92596e67feef15d9a027035be012d92ade6c837da02893a75a0cfb9194a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ce96e2711a0df173f278ff2f49aba874

SHA1
2e52be721e8e8bdd7d8b7804b4f6776d0a069fa9

SHA256
d691ad742e177258e8fcd248c739bb17f1d6e23f4a2840c8140ff9933c0b2741

SHA512
a893d3b8a87a5831f0ea306b098bac28240879a3ff7e6beca2f4c49a3333ce46e0f086cc1caa80ce236f2738e20ca69c6c30e12f9e8e7a910c3bc44eed78709f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
f5f43048d4d5b0258240e614d542539f

SHA1
9409a3a63febaeead33395386445ea4f7ffbdfd0

SHA256
225909177b4b7a6c0c617daa096d0c8d9c5d96da096361f977276354a525584b

SHA512
63c95f89b400372b1e3a4f1804c3017a3d210ed051754eedaf6c6970f887e129c91b813cb4209c9cc301b7d32bd2294c72200fa94bd5c2c6d9a6256b4c69048f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
d2253701bd2d007ec4479b6f9d585ca1

SHA1
acd544595fadc848683d10e3ddea0d3d1ab527b0

SHA256
a0eb6663bb534a63b69c3c40e49e47e41bf90fe1d7473ef8ebb4a1776f21bf4f

SHA512
5d7fc0c21bf3b100352a6959701d6f952c1c29f674736c585550a4d194332fea7d7078366c4a8310f5913147f3eac9715a612b81793394298212b77c992698e1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
501621060d0220f54740bc181b32af1c

SHA1
e051307dad1f9afd8a8e52d61f9e934fd5294630

SHA256
448b04c0640eb703c3cd8bac3bd7fad40c3aa50779cb29a07379f19ae70973eb

SHA512
dace03951390c0b2d5a78bf33018fc86606927020b0a3a984f27b2920182328b84982531e3de6ae70710c08023e59670a3f4414947ce86ee93eb883d27eee040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
33c92bababb5721772162c4efb676048

SHA1
a7b0356e2ed24819d638d219c7c7efacde59d023

SHA256
db1a10647befcd660e39bd75e8b61ea835993b0d406c767cfcc7fe6333d13fce

SHA512
84d1282e5a0cfe4828b2a7f7fa6558fdffba72c65f90e1f2b8bc460e52474dcd2a1acfbb8367762973e5fae7bb5bfd18203997eafeab42d2534737843e8b1052

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
6b5e1d76102306a965726d2a1c46595e

SHA1
871b8a3b4d4d0517af553bc63874f7db86427048

SHA256
a27de3d745a2a5817340a231454f7513d64bcb7420551ba5b4a3a56c7be022bb

SHA512
127eee8a788075d7769ef075db7b54b61bde3041cb7ab33f67fe80b375e28e22fe18b8ed4ce48fbf28d39653d8f37afaaf30f29e62afbe4d00bda297681c29fa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
ec914ef7e69648ca7df5c3e46155590f

SHA1
3361c204361e6a0705a725fae26409586a3c6a83

SHA256
3c7939d410b51b40c1222107af29c8a87018ae41f40eb6a01ed7e96d2760c94b

SHA512
f8da2dd72e05fb8797cf7824593c35b32bf70384421af91821b97a225a47eed3801cceedded4b021b7626bbe7d09e149ad60272ee7d4db4d32d6aad20c2ab190

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
647dbc311b82546a7b046e510aa986df

SHA1
eb6bf424827240fa6de4869b646428359229277e

SHA256
c779ad396c80070dc4c0c2559e3ec5e647805e4da5360055ae81f102c4dec78b

SHA512
c4aeb1f8628ca5be80e30b9ab9a059fc344c078f8cb3ccb18732ce94c1a983fc5d7b7f0348292869ac3c035daafd76fb38166041f66c4c8b2816d7e6adf12b11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c3f089e991d54d1c8256eba306a72863

SHA1
0cfca975229ed10567cd0541bda8b007ecbc9d9e

SHA256
73e81d52620284e7b4f51db4c00cb638c8dfed86d1852d3e010660fb13e51d8e

SHA512
bbd74284cdfb06eea687b37102b81129d0bc41cd94faff3ecf7494e3181c4120b5ff98e89bb06424ccf1503dc2749ea86ac178f2d86614382269143449b299f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
019feae8ba2efa8b29ad0a933beb17b2

SHA1
19ff42300c09e0ecd2917dc5e47f4105890467fe

SHA256
fd7ed5111673352d597379e38c17fcdcda9791d10582dabb7dcd55624259bab5

SHA512
28b6b95ce991bcab7692da1f1b60dbae187443836e1203fa6506aa39b877478b01504d5f348927f26512a148f0d33bd792a77d725687efdd368e575a02c40e89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
d2bbe7e93cff2873583659f79d8164e0

SHA1
0847452bec3463fd27c28fad040f82dc1ee3e529

SHA256
29b035c8260a78181a5e9062f359baa5b90c14e6aac2790b8257bea6f109feb0

SHA512
6dbaf980bf42c202d9a5d719d4318eff8d3c4105475a9ee5f1e13837c6b13aba1f3bd71f8a8a36d3ea26a32a57e296589ef73da2165974a32cf110c022671eb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
66bb02823237cadc4cdf3a1c22c09cf5

SHA1
f30f05767575d30224b86fd48772db81c19b8806

SHA256
a81258f101f7726e53262476badd191a19dd10ae8aa375b39efb02df4c9d85fc

SHA512
b684b198eca89b12ea361b5e50da853202f009b4c3cd65decbb021c039012b096ecc4a79ba57378bbff87e92758f107150e46eccf9d1182087c0f0a8a037cf4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3053a0da8f790697b4c98ee46f75b397

SHA1
8917167e2623a71501e77b36277b9a67b0fbaf95

SHA256
982b69c1775e8e6f16a43335e270c3c07ec5b8f0422c6aa7a424e3ee31fc4bac

SHA512
7f5f79e910beef0c4b23d0cf02280f80f9f51dd3195108a7a8e3c157eccd5a6ba3769f4d0830a5ff5256578967cec2bae87aa564caf511b039e6ca7ed2f9ce70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
6275aae6652322d3705cb9e262db3d37

SHA1
80103bce51a1d74c31e8e69a2a81fa1673729410

SHA256
e77a0afccf83a7f4a18ee0ec989f82d3c84d86eefa9c8b58f1a5abaa398d47c4

SHA512
7f4bdf8d427909795b8b5480491cab8d8dadd43743886f0ce398756fa5ac823a241c9acdf970e8377feec7a1b9161de11248f0561364c657b3ff4a184074547f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2d39d1c51e1cca5f750bcb3746ee02f9

SHA1
d3443d1992e4e1f4ee9ab7a9d4aa5f1e58531194

SHA256
278033d02bfce89a389559ca97b8d4280ffcf9cd36b808ac8c3dc9e719c7fdd5

SHA512
e3cc211a2560f20f405a0bd0350e285c7094c6e3dbfaea568403ccdf3cdd78250ed123b638c229ea505e2c7b8895e63c28c1cef88c4d6ed740d3bae89232a0b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a03eb81319f3c9745cd05dd25b8c9a46

SHA1
c12fe1ca20816ce507a037c2f4c9564ace219ca5

SHA256
11265e3b1a445e08c7d91a85fdb2521660ef4475ab76d03f18722f0b62ad3dbb

SHA512
5f652b0e3af3602a6d9167f7a2f2fefd9e4c7b081188f8c1aa4d95e13e4fb5b2f618b3ab9381901d8c5d91dfda203dd1c5e059375f7602c24dfcae4325a6ca54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5989f6.TMP

Filesize
120B

MD5
c859bd50bbdbfffb414af1038278336b

SHA1
047ba22c42400a77ba65e700e23cbee139479ec6

SHA256
d58d9d9172c86ecaaadb59ec32d7e16b5f5b3c560bb39d4edd9fe86351c44f3f

SHA512
46d595d3c8fd1999f15d06dd8cca371c3ddb5a20b5539f340944da4db65d7d49fa30a00318a2462db65e15f8a2a543d076ff9781670a22afaf3278047639148d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a8869700-f814-4a85-a961-152f35df3710.tmp

Filesize
5KB

MD5
2bd242178f8a2b130c312ee7d68a6c87

SHA1
35e5a484730643226d7c18ccbc2dcfd139725f2a

SHA256
42a713ee8c85c5814f8c486082186a4a2c79814ff4c9ceb313df9967844e0491

SHA512
869db8df80208e4f2646d572215af801d5e202f6ea7afff70a4a429f6d50ae1ef331de85ed247f4133327b4e964eae2d39d1ccaa3768b29bdfef0fe25604328b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
94KB

MD5
90c17af01021a55a78e13bd0e5b9228e

SHA1
3fcb64a267f4e8bf7f5d5aebc0e13c1b6984bb69

SHA256
9e1ba9ae44b2d2129f058a3f08773e924c2ac3090576a5246071f604274ed09e

SHA512
8e6de20c45c51ff2df6e4a0771d13a09bb2e96a15b605c51609d2eb8845a5e1d5a661139d39246501538f8bb78b56092f3a5eaaa3c57014246828ec2f9f90e42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
94KB

MD5
2b1b25486f19c9e9d73765db081b4fe9

SHA1
b2a896e49d71fd7ef60206740b235210d4693927

SHA256
4370d89bb1c83bbd5c8142e74a37a872d32dc94162f02a72c048109fcf2f49f0

SHA512
22f25f2289b90b59eccad1fb86ec7ca7d44b5826459e4a014ba0134cd6799b4905eeaec61eb9fcf8749cf24177982b59ff1f43d03b7fb04f90d783745b453cf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
51f65c12c13f0a19b55f1751c30f7498

SHA1
b2fae03eb3fc167df3795fad818ff4e15fbc879f

SHA256
95ff7602a3022478603bd77d5803b97f67b962e484a2df4a5f0ffa1c4b9f9b77

SHA512
6b8344674fddada141a3fbd88226bab3f19616076f4c29cfb523fa3cd722a415eb3b173630aed65642cac3145d2a43eb0cfbc1fa9f30383d4833048cff129926

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe591488.TMP

Filesize
97KB

MD5
7ff0ba228300ee1d64a410ae9a185ab1

SHA1
59986e84b58ff5b436ccabf41ab75bf8b787cb2d

SHA256
55efbec69fed298d99c39acfd77526f374358a14aee82eb446dd18754c533591

SHA512
e4bef7ccb8229495957dde4555331c8d8a09b0a11b95c7b6a9444e2558da02e33515cdbaa546d7bf9d311316a1af6063388e206b2bbf2297ffd877e7b9aa718f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\Reader_Install_Setup.exe

Filesize
1.4MB

MD5
b9efbac9957ad4ef2e2c4a936b9ae119

SHA1
291883cda75053056c382ad99e87e779f20338de

SHA256
742c8928e326530c8157a55805e2fd4b0189164c4b0533609ebd8f8d766a0376

SHA512
dbacbbf9cb2debfbc2047ed10914d09ccfe109582aa74900ec841694fc7873025d5979998428ffafd16883dbd4a778664402e6402d8f8b6b7a7ac5c70bb9351b

Download Submit
C:\Users\Admin\Downloads\Reader_Install_Setup.exe

Filesize
1.4MB

MD5
b9efbac9957ad4ef2e2c4a936b9ae119

SHA1
291883cda75053056c382ad99e87e779f20338de

SHA256
742c8928e326530c8157a55805e2fd4b0189164c4b0533609ebd8f8d766a0376

SHA512
dbacbbf9cb2debfbc2047ed10914d09ccfe109582aa74900ec841694fc7873025d5979998428ffafd16883dbd4a778664402e6402d8f8b6b7a7ac5c70bb9351b

Download Submit
memory/5712-1020-0x0000000000D80000-0x00000000011C5000-memory.dmp

Filesize
4.3MB

Download