hxxp://dsadas | Triage

Analysis

max time kernel
1800s
max time network
1797s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
20-09-2023 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://dsadas

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133396536160059789"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
768	chrome.exe
768	chrome.exe
848	chrome.exe
848	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe
Token: SeShutdownPrivilege	768	chrome.exe
Token: SeCreatePagefilePrivilege	768	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe
768	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 768 wrote to memory of 2888	768	chrome.exe	82
PID 768 wrote to memory of 2888	768	chrome.exe	82
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 904	768	chrome.exe	86
PID 768 wrote to memory of 3900	768	chrome.exe	87
PID 768 wrote to memory of 3900	768	chrome.exe	87
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88
PID 768 wrote to memory of 4688	768	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://dsadas
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff83279758,0x7fff83279768,0x7fff83279778
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:2
  2⤵
  PID:904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:4688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2832 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2840 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4644 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4732 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4752 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5116 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5112 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4880 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5204 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5292 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5296 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:1784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4900 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:1364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3288 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5592 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5908 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6012 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7336 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=7060 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7052 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7016 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6152 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6476 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:2828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6456 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6468 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6156 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5348 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7500 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7476 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8124 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8472 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=4760 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8796 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8828 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=9088 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=9028 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9328 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9292 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6176 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4600 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=4712 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9812 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=9932 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=10120 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=3228 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=10312 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=10356 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=10384 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=11192 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8128 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6576 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6788 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9588 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=6500 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=6292 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6588
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9588 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=6416 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=6188 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:7076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9672 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=1816 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=4592 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=6436 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=7880 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=10384 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9504 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=2808 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=7212 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=7256 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9968 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=7716 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=8620 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:1048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=8032 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:3732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=7692 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=5388 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=11444 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=7896 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:7136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=11460 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:7084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=12040 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=12024 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=12012 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:7116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=12280 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=12596 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=12500 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:1
  2⤵
  PID:6840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3464 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13912 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=13820 --field-trial-handle=1880,i,8514805792081596633,18112359393988975221,131072 /prefetch:8
  2⤵
  PID:412

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4460

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
89KB

MD5
a95ea24d55ce0d0a016cdaff6b3fa8c5

SHA1
df30e13bbb81d47daaf0fe2dee8d252e8ea29c36

SHA256
d89a71145b36ccd4c2c1fdb1586fbe624d8371e079338290224568abbba21bd5

SHA512
6825790e53d671dd8fa6d0bfbac136008b10f8ad40986ec86a6226ae3d48e258588bd51ee0246bbe6f99cba6b6e5fee85da3da0526d782cf053a951098316be2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
191KB

MD5
3214774fa44c6481279c63209e0b5688

SHA1
7e52ad79045e8176e8baf5088d6b8d73621e9545

SHA256
29856861d768c4a0fc4efa37ea522f8a676f5de02be61242781d49b0b94a680c

SHA512
ca16c10d1ad9a11196ca67314dd5dc77f8c5b36f0625649c0d4744e42d5f89c66db9b547297c06caa3e3d1ebedac7f473844e941b993fb9404786784bc48a3a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

Filesize
128KB

MD5
97a860476b55a60ff5506a80593df54b

SHA1
cb67db62ae8e9e2dd826a425f6cdef35a57cfd36

SHA256
8b374f3c2cfc86a127d2872a2d68b2cc41c723f75732d462d7e6c93306e18e2d

SHA512
e344c2dc00bcaef4ceaa1b938e61529208309babdbebb82f7ee87d6939c7c5d4540f38e4878c31c2377a7c4e9fbfdb923624546c6b974d1839d819bcaa75c276

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
30KB

MD5
9988ceccb1ea7ce468f8e39fe9a6f21b

SHA1
a79bcfe3bd8ff7c6ad616ad6f65d2ea0f12edfd8

SHA256
ead6c1b49c8e8f6f58c98378caaa33b552f3aa509b17dd6eac7230e08a9b842d

SHA512
79813908d584e79a1cecc90aaa5ad375915abb2aa31855ea0cf8373b025e63bf9d9359b599b09abb9ea92fe3c351af4eb84a3a5bc335d026cc05a7203ff8fab9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2d8810f857d271e353b544b000d972c0

SHA1
92e5e74b4cf170101dd76a9a62f40522641ffc53

SHA256
16cb262bca895d7949fd5c0af91854f5c337e5896310ee0e98e1afe44331fef2

SHA512
b7ccd369113b64595fef9934ed2879bfc0e17789bf14a71cc16220735072c1019b0d418bb26dd95bcb87abcc435a0ddd4e36537d373572afcb538e54cac8b109

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\88138836-46e1-4804-bd5f-f1328b3ccda4.tmp

Filesize
7KB

MD5
24ec082c18f17dfd08204d84e3760142

SHA1
ad9daf701d47e2cfd1a53bf12c14b055acf6103e

SHA256
b3391b3ef6ea8253206fde0208ac49de2f460b5a9ffce96c2044eab598290273

SHA512
37c5556bafbc460ce9153d78ce6e22f6fa57a90bdb4356a27776c4cb790da46d99d576f26651cd6c64d360b87ba1c4532a144770e0f86a47408d80b747a6146a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
24KB

MD5
32898b5cb4383887274dc890004d8e08

SHA1
898419941d287e79eb6d50b2a233f461b4a69d77

SHA256
3ce7f13588e48635dd6825e123b4516aef1ed97765b4fb1ffbeee9b89a1ac20a

SHA512
66f0b3767c94d5e81bcc4ec24d634e85d45b94f726ca56eb7ccf0545f43bb93f764a1610a20fe5ee2fbd77378b9ff725d93d91acb9c18a264bfce807c27d0936

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
25KB

MD5
05e40db80f7a45aa1d230f67cb097a65

SHA1
dec2627d8b7e647ca762824af81c4a1c8e8195d3

SHA256
5ad476d487da6f5263677943bf07901aa7d831eeac7c11e38463471091e5efe9

SHA512
9dea0c7d63e0968d0c9dd8c01f8223860833b201a8e417865277ff7ec045631e4f9d91c020b32afac62f4df2039525b3846e1ccb91a49bb5fde694038d13dcdc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
25KB

MD5
46671f46868c296667d2e37c7402a0fd

SHA1
117c4dc12511c267bd2830117ae8ca859f34da14

SHA256
bf81e20b462419cea2a3098060681a20a7cceb85b1c55c8dbcd6c3ca2386909a

SHA512
58b8b71edf697ab2564e1d6eaf1c2b40a6f9a497ee5b50241d65fc2672b3bc1b237a5f5b50f8671aad5e4aca99d62c66a9248c646d448994244fbca11020ce7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
4f3b85d35fe5dfb0f184941552d2a9d1

SHA1
a0884a0410bb12f1463f4c69699566629253a9e1

SHA256
203237ac6bdc424a68ab739db3149e39159489790ece399b18378ca653bf2bdf

SHA512
9c8ec6d6c357d10eedcdfa407c8a599059b35c1819c21b423c748fa5698411c8f49ff7704d3619111ba7597df2495467fdadfee2bc5d31b0d4e56af15d628afd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
0f70b24827425015853ead7ddededa10

SHA1
680c427a8dd006da9e64fb2a4b5177cb03c30738

SHA256
a7eb2077d22dd75c1281b7da850d6003408aa31d835526d9613cfaf4a40a43e4

SHA512
f544e35322eee242ba5c44beee5da178d6a36acb669084aabd03fe8208296fabd84c534264c30bdb2367ce1ab724235a46a2d02cd6f2e37c754de49271f158e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
04f8ae863f5208d3e14d09ca54b41c07

SHA1
0531cabefef557e1e8eea5f38703a1ee40389440

SHA256
47414b2e6937cd25bf66ee6f6744e419f85dc55ed152fbb12eb6636f2b5550ec

SHA512
f65c6120a33199fb9b12a8a7ee8c5c5a2fca7499a5e64d8f3003d93984efd2c0f609b95a2ed122b60431e619d73f44356f9c83b8bcf0de51664f65a05d2883a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
bb40ce37698c346c2ac06b4588b59b16

SHA1
d3ffbe4dff97df930b170aa1f3ab6d0a6164b63f

SHA256
778c0cd9123a15358d0f5ceae4ad7626baed93f19cb78f8a26e4bfe0c4cf7ca3

SHA512
2890e778cad3832ae7e7c3b4e3a108adb5df41226b09a7141defd8b9fa863fc6f250fea81df01d22b2bed66747fc0c909fa5e015f4db0daf8d66e32295261355

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
9b2c7489777b8944e24ff588badea4d4

SHA1
24aee9a673909e116d508fa62fd38b5bdeaaecf2

SHA256
77ec28ac15809d29f344102df1875999b4aca405f3d66169c554df45c04780e2

SHA512
6329d6a9276b4d44b0980d2bce44698b112e5dac6fd4a233a2428e513aadc5df06063cf6386633a74f111a41b969e1d752f511c91529e9a1e878abf009c246dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1f35923e9d0be17e69076e2b53cf7bd9

SHA1
c706b561d72a77b9c5f17636da5919927faf857b

SHA256
09493dba87cbde493a937f16a45024196e56d45f06161a93621c0d2908edaf49

SHA512
9b61bca5bc4b7175659235bacaa14758e2101cfddcc0847943cec14f1afd5aeaa7b839f9ee55a61e9b01edf407a40e5983e4d9fe998f01f7c278490f1c37174c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1e3c1f764df0b942c106772860182441

SHA1
aede02b8f8deb697a1e499130f9623cc8dd1dd7d

SHA256
60f0f29edebb5d1964bbcab371278626d166868cac66c710ea02370e1d450a7c

SHA512
725b22093ac82409120b9015733e1549941c83710adc9022675b54b44872fabee85834801b20e0b98984df0a8a181bef2e683b0adb3b683406bdede2291cbea5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3d311faee5a079554591746fb9bd7add

SHA1
1773a0aa8eb63701b0acf69d57bdf60e77a34f94

SHA256
26fe1a152bcad5ff6fcc0d67a504355fe71145e238ac9f78237f8425a9873838

SHA512
50bbb2867df4a0359343144f7b3c6ad8ebc1acf10baf300b12e7bbe4091a835a5b81a281ba5f74e694c6d6b8c6d8e17d8f20b20c26278f53da222abcea243969

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
bbe40a1ea60a03a11c72942a9005df42

SHA1
a332d08eb3949f1bea79fffa069a075322249cb6

SHA256
7839aabbafb6db29aef4b572e56342b0db0eb8662e6dcf3a1848b48b297db3ef

SHA512
3c2b76dabb76fbc605d97419445e757a04d14ff793cfe423e107f2c0fd8681fff99b8d0c94129e6f748d14bab2a513076d8671bf3abae6a5318ffae814efcd39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f5e9.TMP

Filesize
48B

MD5
ef0c77c81a90c9aad336c2e26c0f99db

SHA1
1dcd7b39d7aeef6448ee11bd3c20bb17c25604cb

SHA256
695b7d0a1e2a393bdb6709c5b0dcc885f51107108a512ef1da52d4a7a7469510

SHA512
d7c55435f60934e25d69f95e6783637c89b8259563f09af0ef5e2a2d5312e66c34dcb08968d47fa82641659514900cac2628d2a1080738f21028705dcab0d347

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
102KB

MD5
15ee992af8c9d0d188a586c1f71863da

SHA1
6eaf30b319dbb367c26262792cbc5bcada5a2a6b

SHA256
284cbc9b30406a1a8b1da753b5de9051ae1d4fa8eb582466fe20cc2284e8cf1d

SHA512
c6608d816087d5f0c42b6a71d2a08ca77dbef82321e0fa44340ee54a30a507314eebada0cc13c94bc4fa4c5cc5828ecd9c0725c167c0c6219def63fee9f3eba6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit