3347e2c1118b827092b642296a28272145791bd62448a4e3dead412ecaa52935

Resubmissions

06-05-2024 18:06

240506-wpsk3ach5z 7

02-05-2024 11:14

240502-ncdx5shg49 6

Analysis

max time kernel
569s
max time network
579s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
06-05-2024 18:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Solara/Microsoft.Web.WebView2.Core.dll
Size

488KB
MD5

851fee9a41856b588847cf8272645f58
SHA1

ee185a1ff257c86eb19d30a191bf0695d5ac72a1
SHA256

5e7faee6b8230ca3b97ce9542b914db3abbbd1cb14fd95a39497aaad4c1094ca
SHA512

cf5c70984cf33e12cf57116da1f282a5bd6433c570831c185253d13463b0b9a0b9387d4d1bf4dddab3292a5d9ba96d66b6812e9d7ebc5eb35cb96eea2741348f
SSDEEP

12288:W/TcW1virB3ye+iKzORFNgeA+imQ9pRFZNIEJdIElxPrEIgcvLcglxMwCepM1STy:W/1C4I

Score

7^/10

discovery

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Control Panel\International\Geo\Nation	JJS-UI.exe

Executes dropped EXE 12 IoCs

pid	Process
5896	Synapse Launcher.exe
6100	Synapse Launcher.exe
5612	Synapse Launcher.exe
5832	Synapse Launcher.exe
5468	Krnl.exe
4504	Krnl.exe
1080	Synapse Launcher.exe
5556	JJSploit_Installer.exe
6572	JJS-UI.exe
3760	JJS-UI.exe
5896	JJS-UI.exe
3296	JJS-UI.exe

Loads dropped DLL 17 IoCs

pid	Process
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
6572	JJS-UI.exe
6572	JJS-UI.exe
3760	JJS-UI.exe
5896	JJS-UI.exe
3296	JJS-UI.exe
3760	JJS-UI.exe
3760	JJS-UI.exe
3760	JJS-UI.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Legitimate hosting services abused for malware hosting/C2 1 TTPs 14 IoCs

Web Service

T1102

flow	ioc
1156	raw.githubusercontent.com
1041	raw.githubusercontent.com
1076	raw.githubusercontent.com
1114	raw.githubusercontent.com
1131	raw.githubusercontent.com
1040	raw.githubusercontent.com
1082	raw.githubusercontent.com
1084	raw.githubusercontent.com
1099	raw.githubusercontent.com
1080	raw.githubusercontent.com
1086	raw.githubusercontent.com
1088	raw.githubusercontent.com
1072	raw.githubusercontent.com
1078	raw.githubusercontent.com

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 24 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies Internet Explorer Phishing Filter 1 TTPs 2 IoCs

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\PhishingFilter	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter\ClientSupported_MigrationTime = 12c356b36192da01	iexplore.exe

Modifies Internet Explorer settings 1 TTPs 20 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Main\DownloadWindowPlacement = 2c0000000000000000000000ffffffffffffffffffffffffffffffff100100003c000000900300001c020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{965F9681-0BD4-11EF-9107-DE4765EB3FAF} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\RepId	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\RepId\PublicId = "{EFE6CC30-2545-47E5-ADA8-DC61C4C567E0}"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE

Modifies data under HKEY_USERS 6 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133594925178725413"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell\open\command\ = "\"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1"	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell\open\CommandId = "IE.File"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2 = 14002e8005398e082303024b98265d99428e115f0000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 000000000200000001000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell\open	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\.Msixbundle	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell\open\command	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\MRUListEx = ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe110000003bdcbe192792da0132f406b6e09fda01c2cae3b7e09fda0114000000	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file\shell\open\command\DelegateExecute = "{17FE9752-0B5A-4665-84CD-569794602F5C}"	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Msixbundle_auto_file	OpenWith.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 010000000200000000000000ffffffff	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\.msixbundle\ = "Msixbundle_auto_file"	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\ꕡ䵘씀蠀\ = "Msixbundle_auto_file"	OpenWith.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\ꕡ䵘씀蠀	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-877519540-908060166-1852957295-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
5812	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 44 IoCs

pid	Process
900	chrome.exe
900	chrome.exe
2968	chrome.exe
2968	chrome.exe
2968	chrome.exe
2968	chrome.exe
3988	chrome.exe
3988	chrome.exe
5892	chrome.exe
5892	chrome.exe
5468	Krnl.exe
4028	chrome.exe
4028	chrome.exe
4504	Krnl.exe
2164	chrome.exe
2164	chrome.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5556	JJSploit_Installer.exe
5896	JJS-UI.exe
5896	JJS-UI.exe
3296	JJS-UI.exe
3296	JJS-UI.exe
1668	msedge.exe
1668	msedge.exe
5228	msedge.exe
5228	msedge.exe
7112	msedge.exe
7112	msedge.exe
2044	msedge.exe
2044	msedge.exe
6960	msedge.exe
6960	msedge.exe
6080	msedge.exe
6080	msedge.exe
2656	msedge.exe
2656	msedge.exe
3628	msedge.exe
3628	msedge.exe
6956	identity_helper.exe
6956	identity_helper.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
5580	chrome.exe
4292	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
4028	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe
2164	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe
Token: SeShutdownPrivilege	900	chrome.exe
Token: SeCreatePagefilePrivilege	900	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
5720	7zG.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
5892	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
900	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
3988	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe
5892	chrome.exe

Suspicious use of SetWindowsHookEx 34 IoCs

pid	Process
5580	chrome.exe
5580	chrome.exe
5580	chrome.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
4292	OpenWith.exe
5076	iexplore.exe
5076	iexplore.exe
5572	IEXPLORE.EXE
5572	IEXPLORE.EXE
5076	iexplore.exe
5076	iexplore.exe
5116	IEXPLORE.EXE
5116	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 900 wrote to memory of 3132	900	chrome.exe	98
PID 900 wrote to memory of 3132	900	chrome.exe	98
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 1168	900	chrome.exe	99
PID 900 wrote to memory of 4160	900	chrome.exe	100
PID 900 wrote to memory of 4160	900	chrome.exe	100
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101
PID 900 wrote to memory of 4128	900	chrome.exe	101

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Solara\Microsoft.Web.WebView2.Core.dll,#1
1⤵
PID:2036

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xe4,0x104,0x7ffd2932cc40,0x7ffd2932cc4c,0x7ffd2932cc58
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2092,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2084 /prefetch:2
  2⤵
  PID:1168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1676,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2448 /prefetch:8
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:4512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4504,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3684 /prefetch:1
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4704,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:4608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4580,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4728 /prefetch:8
  2⤵
  PID:4928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4348,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4728 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4728 /prefetch:8
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4988,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3516,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4204 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3464,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5020,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5360,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5368 /prefetch:8
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5648,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4996,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5544 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5780,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5968,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5976 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5824,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5828 /prefetch:8
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5832,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5000 /prefetch:8
  2⤵
  PID:544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5768,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5296,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4728 /prefetch:1
  2⤵
  PID:2724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=3160,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3552,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=3548,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6160,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6148 /prefetch:8
  2⤵
  PID:4648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6432,i,5602057326564087822,8213403272590298593,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6192 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:2968

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:1432

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1888

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:396

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap12010:112:7zEvent2138
1⤵
- Suspicious use of FindShellTrayWindow
PID:5720

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\README.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:5812

C:\Users\Admin\Desktop\Synapse Launcher.exe
"C:\Users\Admin\Desktop\Synapse Launcher.exe"
1⤵
- Executes dropped EXE
PID:5896

C:\Users\Admin\Desktop\Synapse Launcher.exe
"C:\Users\Admin\Desktop\Synapse Launcher.exe"
1⤵
- Executes dropped EXE
PID:6100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd2932cc40,0x7ffd2932cc4c,0x7ffd2932cc58
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2004,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2008 /prefetch:2
  2⤵
  PID:5128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1636,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2244 /prefetch:3
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2136,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2656 /prefetch:8
  2⤵
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2996,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3108 /prefetch:1
  2⤵
  PID:5368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2604,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3272 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4364,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3668 /prefetch:1
  2⤵
  PID:3236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4564,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4528 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4664,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4684 /prefetch:8
  2⤵
  PID:3796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4408,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4548 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4872,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4976,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3420,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3384,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4520 /prefetch:8
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3272,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3424 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:5580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5276,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5288 /prefetch:8
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5320,i,4845539513292202270,3659469349764501728,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5332 /prefetch:8
  2⤵
  PID:4708

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:5380

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:2740

C:\Users\Admin\Desktop\Synapse Launcher.exe
"C:\Users\Admin\Desktop\Synapse Launcher.exe"
1⤵
- Executes dropped EXE
PID:5612

C:\Users\Admin\Desktop\Synapse Launcher.exe
"C:\Users\Admin\Desktop\Synapse Launcher.exe"
1⤵
- Executes dropped EXE
PID:5832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:5892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd2932cc40,0x7ffd2932cc4c,0x7ffd2932cc58
  2⤵
  PID:6072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2116,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2112 /prefetch:2
  2⤵
  PID:5700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2100,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2444 /prefetch:8
  2⤵
  PID:4776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3148 /prefetch:1
  2⤵
  PID:5676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3156,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3200 /prefetch:1
  2⤵
  PID:2468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4508,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4524 /prefetch:1
  2⤵
  PID:5316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4640,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4688 /prefetch:8
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4648,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4812 /prefetch:8
  2⤵
  PID:4628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4376,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4704 /prefetch:8
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4700,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4832 /prefetch:8
  2⤵
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4704,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:3776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5296,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5292 /prefetch:8
  2⤵
  PID:208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5300,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5364 /prefetch:8
  2⤵
  PID:3924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3204,i,2422190900847294803,1073406818720528365,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5388 /prefetch:8
  2⤵
  PID:2708

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:5232

C:\Users\Admin\Desktop\Krnl.exe
"C:\Users\Admin\Desktop\Krnl.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:5468

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
PID:4028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd2932cc40,0x7ffd2932cc4c,0x7ffd2932cc58
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2024,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1904,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  PID:1652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2604 /prefetch:8
  2⤵
  PID:5584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3152,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3196 /prefetch:1
  2⤵
  PID:688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3160,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4568,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4680,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4692 /prefetch:8
  2⤵
  PID:684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4812,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4824 /prefetch:8
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4948,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5012,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5048 /prefetch:8
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5072,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4944,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5280 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4952,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3504 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3148,i,10679900442039838179,11259214674258354174,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3556 /prefetch:8
  2⤵
  PID:4384

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:4876

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:4292
- C:\Program Files\Internet Explorer\iexplore.exe
  "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\RobloxUWP-2.597.663-cerealwithmilk.Msixbundle
  2⤵
  - Modifies Internet Explorer Phishing Filter
  - Modifies Internet Explorer settings
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5076
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5076 CREDAT:17410 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:5572
- - C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Downloads\RobloxUWP-2.597.663-cerealwithmilk (1).Msixbundle
    3⤵
    - Modifies Internet Explorer settings
    PID:4992
- - C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5076 CREDAT:82948 /prefetch:2
    3⤵
    - Modifies Internet Explorer settings
    - Suspicious use of SetWindowsHookEx
    PID:5116

C:\Users\Admin\Desktop\Krnl.exe
"C:\Users\Admin\Desktop\Krnl.exe"
1⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
PID:4504

C:\Users\Admin\Desktop\Synapse Launcher.exe
"C:\Users\Admin\Desktop\Synapse Launcher.exe"
1⤵
- Executes dropped EXE
PID:1080

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd2932cc40,0x7ffd2932cc4c,0x7ffd2932cc58
  2⤵
  PID:1604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=1948 /prefetch:2
  2⤵
  PID:3156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1900,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2320 /prefetch:3
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2056,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=2572 /prefetch:8
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3168,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4608,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4640,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4684 /prefetch:8
  2⤵
  PID:1892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4712,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4828 /prefetch:8
  2⤵
  PID:1092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4380,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3288,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3412 /prefetch:8
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3272,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4812 /prefetch:8
  2⤵
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3172,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4948,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:5780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4772,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5200 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5364,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5744,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5768 /prefetch:1
  2⤵
  PID:4160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5752,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4892 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5732,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5628 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5816,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5856,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6096 /prefetch:1
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5984,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5848,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5740 /prefetch:1
  2⤵
  PID:5444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6624,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6596 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6792,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6776,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6912 /prefetch:1
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7096,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6944 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7204,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7244 /prefetch:1
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6724,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7236 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6708,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7396 /prefetch:1
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7552,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7568 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7700,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7692 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6736,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6660 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7836,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7976 /prefetch:1
  2⤵
  PID:3636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8116,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7856 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=6900,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8276 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5492,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6804 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8456,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=8476,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8560 /prefetch:1
  2⤵
  PID:5832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6336,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5192 /prefetch:1
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6340,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8844 /prefetch:1
  2⤵
  PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8984,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5460 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8836,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8992 /prefetch:1
  2⤵
  PID:5956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9224,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9124 /prefetch:1
  2⤵
  PID:6188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9240,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9272 /prefetch:1
  2⤵
  PID:6196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=8804,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8780 /prefetch:1
  2⤵
  PID:7040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8748,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8680 /prefetch:1
  2⤵
  PID:7076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=5736,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5760 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=5460,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5664 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=5804,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:6540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=5800,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:6544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=5788,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7716 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=5564,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=4760 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=7932,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:4916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6360,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6092 /prefetch:8
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5868,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5392 /prefetch:8
  2⤵
  PID:6572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5668,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6260 /prefetch:8
  2⤵
  PID:5192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=6396,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8020 /prefetch:1
  2⤵
  PID:4100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6868,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=8572,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8936 /prefetch:1
  2⤵
  PID:6596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=8844,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6388 /prefetch:1
  2⤵
  PID:1180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=8840,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9656 /prefetch:1
  2⤵
  PID:3212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=9112,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9164 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=9880,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9892 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=8252,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=10012 /prefetch:1
  2⤵
  PID:1796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=10228,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9524 /prefetch:1
  2⤵
  PID:6876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=6752,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=10280 /prefetch:1
  2⤵
  PID:6864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=10500,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=10292 /prefetch:1
  2⤵
  PID:6988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=9148,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9628 /prefetch:8
  2⤵
  PID:1624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=9616,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=9716 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=10244,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8916 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=9748,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6504 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=4920,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=10088 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=11000,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=8880 /prefetch:1
  2⤵
  PID:6520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=6788,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=6848 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=10048,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=10524 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=10676,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6848,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=5176 /prefetch:8
  2⤵
  PID:6396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6208,i,9121858642250532574,13711766296978480269,262144 --variations-seed-version=20240506-050114.221000 --mojo-platform-channel-handle=7100 /prefetch:8
  2⤵
  PID:5956

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:2468

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4564

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4a0 0x3a0
1⤵
PID:3068

C:\Users\Admin\Desktop\JJSploit_Installer.exe
"C:\Users\Admin\Desktop\JJSploit_Installer.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious behavior: EnumeratesProcesses
PID:5556

C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe
"C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:6572
- C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe
  "C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe" --type=gpu-process --field-trial-handle=1740,866628793786996743,13392769365336910189,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --mojo-platform-channel-handle=1752 --ignored=" --type=renderer " /prefetch:2
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:3760
- C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe
  "C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe" --type=utility --field-trial-handle=1740,866628793786996743,13392769365336910189,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2268 /prefetch:8
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:5896
- C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe
  "C:\Users\Admin\AppData\Local\Programs\JJS-UI\JJS-UI.exe" --type=renderer --field-trial-handle=1740,866628793786996743,13392769365336910189,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=en-US --app-path="C:\Users\Admin\AppData\Local\Programs\JJS-UI\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Users\Admin\AppData\Local\Programs\JJS-UI\resources\app.asar\build\preload.js" --enable-remote-module --background-color=#fff --enable-websql --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2488 /prefetch:1
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  PID:3296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw?view_as=subscriber
  2⤵
  PID:2792
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x80,0x100,0x124,0x7c,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7128
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,12006175985947005294,16957435917010221259,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 /prefetch:2
    3⤵
    PID:4764
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,12006175985947005294,16957435917010221259,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/c/Omnidev_
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:7112
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7140
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1932 /prefetch:2
    3⤵
    PID:5644
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:5228
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
    3⤵
    PID:6824
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
    3⤵
    PID:5352
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
    3⤵
    PID:4308
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3836 /prefetch:1
    3⤵
    PID:5620
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
    3⤵
    PID:6128
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,17284704475056917635,14500080790956498867,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
    3⤵
    PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/c/Omnidev_
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:6960
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:4148
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
    3⤵
    PID:5548
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2044
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
    3⤵
    PID:1740
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
    3⤵
    PID:5488
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
    3⤵
    PID:2132
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4888 /prefetch:1
    3⤵
    PID:4788
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
    3⤵
    PID:536
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,18277569333888413038,1698148978478415227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
    3⤵
    PID:2336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5888
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  PID:2656
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:3140
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
    3⤵
    PID:4472
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2504 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:6080
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2864 /prefetch:8
    3⤵
    PID:6716
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
    3⤵
    PID:2744
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
    3⤵
    PID:1888
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4736 /prefetch:1
    3⤵
    PID:1244
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
    3⤵
    PID:2824
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
    3⤵
    PID:5900
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
    3⤵
    PID:2644
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
    3⤵
    PID:5960
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5712 /prefetch:1
    3⤵
    PID:3240
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
    3⤵
    PID:6864
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
    3⤵
    PID:4624
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5192 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:6956
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3184 /prefetch:1
    3⤵
    PID:5768
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1
    3⤵
    PID:4112
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3696 /prefetch:1
    3⤵
    PID:5592
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2076 /prefetch:1
    3⤵
    PID:6972
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
    3⤵
    PID:6448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1
    3⤵
    PID:7624
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
    3⤵
    PID:7632
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4808 /prefetch:1
    3⤵
    PID:7704
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
    3⤵
    PID:7716
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
    3⤵
    PID:7852
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6684 /prefetch:1
    3⤵
    PID:7864
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
    3⤵
    PID:7876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
    3⤵
    PID:7884
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6756 /prefetch:1
    3⤵
    PID:7920
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
    3⤵
    PID:7928
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
    3⤵
    PID:7936
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
    3⤵
    PID:7972
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1
    3⤵
    PID:7984
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
    3⤵
    PID:7992
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6848 /prefetch:1
    3⤵
    PID:8000
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
    3⤵
    PID:8216
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
    3⤵
    PID:8224
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6836 /prefetch:1
    3⤵
    PID:8232
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6992 /prefetch:1
    3⤵
    PID:8240
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
    3⤵
    PID:8448
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1
    3⤵
    PID:8456
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
    3⤵
    PID:8596
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1
    3⤵
    PID:8604
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1
    3⤵
    PID:8612
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3652 /prefetch:1
    3⤵
    PID:8964
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
    3⤵
    PID:8976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
    3⤵
    PID:8988
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
    3⤵
    PID:9004
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2076 /prefetch:1
    3⤵
    PID:9016
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
    3⤵
    PID:9200
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
    3⤵
    PID:9400
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7044 /prefetch:1
    3⤵
    PID:9584
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
    3⤵
    PID:9592
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
    3⤵
    PID:9828
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,7190909912933098622,1488919922163118636,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
    3⤵
    PID:9864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:6848
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,12928193231105548546,15452062524266452682,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
    3⤵
    PID:6748
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,12928193231105548546,15452062524266452682,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/c/Omnidev_
  2⤵
  PID:3024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/c/Omnidev_
  2⤵
  PID:6000
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:1876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5220
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0xf8,0x134,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:4144
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:6648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:2772
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:5504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5284
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:5172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:4344
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7152
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5604
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:3064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:2744
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:6316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:3080
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:4516
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:1532
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:5956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:6724
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:2328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:3600
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5876
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:5792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:5852
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:7220
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7236
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:7312
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:7388
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:7468
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:7552
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:7564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:8204
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:8260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:8996
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:9232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:9024
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0x9c,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:9244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:9260
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:9444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10136
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:9520
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10184
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:4564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10252
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10328
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10420
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x40,0xd0,0x120,0xfc,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10440
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UC3YNONzSHPW12m3AT48fMHw
  2⤵
  PID:10500
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd27e646f8,0x7ffd27e64708,0x7ffd27e64718
    3⤵
    PID:10520

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5052

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3344

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4952

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4892

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:7000

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5332

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6220

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\42f40b99-2557-4208-888e-56071f1b593f.tmp

Filesize
78KB

MD5
e782600c105026cc7776a051bafa45d9

SHA1
ad4ac90005de1406b831590986c87035055a482e

SHA256
a54d290a24be602add86884a343f8c4bc4626679fc701741891ed4c101a3ef40

SHA512
1e00886c8b9096c80467b0a8e423ca1b84bdd036dcd3da2ae61fadd66a728223daf02ec7cf868115344e2d3dc3a940508350ac21b55328e3a02742a3105560e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
827a94b5b24573587c68adf626972a4d

SHA1
431443014135f4705328de3930cf1e6a5bc6dee2

SHA256
cf61f36282b8647252a69195f4f0220bc5558ecd9e322726c354d2d5b71e1ceb

SHA512
3c8855b9c0e9f63ef36b9cb546113ddb1692a201b59f845739e297eb8cd3d3f22a377c2a07ab0b7080ea0041a8c68f86bc366ffe8ba7c1e65bf9b15c994ea78b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
481abdb176aa7346a099fde3286753c0

SHA1
58a4462214323219bef0b5c1ade14dc1f4a300db

SHA256
6e699cf0536ecf65f5aa22d6dc5eaabb297d22fb55b2d6673d47b5eae906d300

SHA512
d3c4523d97a48534a49ae551815d4b6fe30a0a06de7d304029b7ef3adad6f08d33903a1d3fc059f80042528422d129ca83c6d5aa1bc9eeae0455e206d4b09d57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
137739741800aa990e381a483b8a593c

SHA1
dc6d802ecebacafde1a370d6a2c187e452119454

SHA256
6a1cd48763ccf431467da3d01fa84dc37737f8b13f5cf85cc363fc709c4177ab

SHA512
581b1680913b628e59db65f5de8243d8b31edd7ebd1f357e7cdc1475f3c1ebe7318b36729da8e6e29c4122a103c2917e1c30a0172eba396ceda2f33620bf2d61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
eebae468f554a0fd238abcf645f1992a

SHA1
2f85f33fb374eb5a5b535d648d342aa9b00114dc

SHA256
2983b530d77751d611a9b87a99b1c53445aa9dc77d0d21b45d6661b463f8e477

SHA512
982d54a44cacdad4a5b2d31ed18aa0696210304246d38cb06004203a88059dcddcb93eea72df066fda86605e658c721845e25fa4a012cf73b07b4ac2020a8ecd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
0691b595fc2027d5caba19cf015bbadf

SHA1
fd2370fed1ad6f8051e28a20b82d04ef7fc9a57e

SHA256
28410e1ac27313940611679b169468206b31c7983bc113884a80043e0897f7a6

SHA512
99e7e864976ff368653eb9d835aafcd041c08a9d3a397a0f1fe7af11f4d0f3d860b68e6effba760debb9361ca1699fa6989160c10da1c0eec73245e5d8939436

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
abefad99bffdafe70f9ac1c717959e47

SHA1
d34d59ad56c25841c8d9e37666b62ac957dcc04f

SHA256
a9068f9eef758492607e431903efdd28e397dfefcd9138228a77d78d16c29886

SHA512
4e987cf391c1a7d37176924bdea0f0d7b2edb8041dc6c3fc89223cfdd57a999f97bfa5ebd82cc6598b18bfdbdc9c75845e8db94b8f31efeca697ba06ac305316

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
58KB

MD5
bc8ec6d0e3f746a78c43cf4f98312a02

SHA1
22a3fdaf7f8e3176fbcd24c760214736e78ac8dd

SHA256
bfd346deaeb1162c3c5d895c452e104f3824cc8e4d737ca78a4800d0f1c74b21

SHA512
5598235c508347c310348c3fabed174c39f639e4ba3513f4419332aa5d4fa4e925945eeb0f4b56bed923b84504d3aed5d5f5d70e27406a194fdbdb3f5c10cfc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
40KB

MD5
5ce7bdeeea547dc5e395554f1de0b179

SHA1
3dba53fa4da7c828a468d17abc09b265b664078a

SHA256
675cd5fdfe3c14504b7af2d1012c921ab0b5af2ab93bf4dfbfe6505cae8b79a9

SHA512
0bf3e39c11cfefbd4de7ec60f2adaacfba14eac0a4bf8e4d2bc80c4cf1e9d173035c068d8488436c4cf9840ae5c7cfccbefddf9d184e60cab78d1043dc3b9c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
101KB

MD5
a91735767750c15f6d5d037fe4999916

SHA1
a999325441a43f6bbd7abb0720a41908277029ef

SHA256
78fd006088dd32924323cf72edf291179ddd89ee7b580eaefaf5bc2f88fc0101

SHA512
95c0a968542e183b69b55a04c08a2e2b62a567dee408c02d68d218ee0ac0e677f73d2e2f1d90c0aa4834997478bddd8e7aca25f19f616e71a2b74c8c9679dc11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
68KB

MD5
f203d75a70ada036423e83070526987a

SHA1
06e072c8d3880fb8cab740f01308fc44cd211029

SHA256
9eba99bb152b450919ff7bddc78c09e5eb0c857659b4fd593c94087d289ab255

SHA512
aba05ffe088c648093719cf2d25fdf46a7055583aa496dc8ef6b15c2ccae8d82c91d102edeec3bca5d6556a90c6d9cb03d688f5ba83f7fa87e1745c06a6d5f04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
324KB

MD5
473f0949694f3afa0c616fdadda79824

SHA1
a5f2c0556931e2e2fe3cb671737f08613a830733

SHA256
314b46aff9845b26888ea9225c468d2736913e678233861eb81c83d6434a523f

SHA512
f42f2d295764ec73e5fbe8acb6dc7161dc6c343f788db8893e1ee24dce7cafe25540f212a3af47ff1cbfe27486549da3e73e98ea0fa4fd6f3b0e4ebbf55b6ca7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
139KB

MD5
2781116ce27bf3500703f5fcd85fc285

SHA1
099e936e4f7a29b7557a161b7e0a60277e6fd287

SHA256
9325f32b0a227b6033bbebe730fa3c313bcc1fca1848d813ff0e271776ceceaa

SHA512
5d621792dd44d5d602b873cb31fc3fe3daec3a874194067de407f54ab98da93d16142fd353c7612dd132ff93979386601f5a5114670c1aa5332ab8c5eb070e2c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
151KB

MD5
21b12b15a4ddb78cc136dead3b1b8c9f

SHA1
026d1deb3b86bf50e8698705d146933077bb0ef4

SHA256
d324c0d6276cdff53f3a92640b5064e4114c6f6d496c256f6307a992e0b10303

SHA512
d09be6820ed7fa0e295a5ffd506016576722513b31223597c4350e82b837325723b981ce01ca20b008c070132e2f98ded9afab08904c5b84bb25c8aa62d0df4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
155KB

MD5
2e3f062146dea1744a4098c4169db1c1

SHA1
9d565cf799adea051afd22e673944e0ca94786a2

SHA256
8934825c30685251dd48b019e3ac52c06eb5605bd5534f104736be938c35870f

SHA512
5732b7b92b41302a86c11ee85bd87c9cd2874a7300dd70c74c3d7b85917320f61f80aadbcf5e476acda62c42a69b8807436bc165ff24ceb3ad712d0c955f0fa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
18KB

MD5
becfa32c5e96d8cfdef2b277a7c748b9

SHA1
d027f4bb444b83e1fbe2a374fd49ddd2c418093f

SHA256
14febcf4c52e414edbd4f107176e7efbc154020a7a9be00d919176dc7212d820

SHA512
ddeb478bc016c48785d467f62783dbbfb00d04538ee33de577806b757dcc39842f412042d0e9b3830ecf22dcd1fdcaee6d38e04fe836be93be7212110bb66a5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
18KB

MD5
78108c8832e0839b0dfb9059d93ef96b

SHA1
fc80ed76f6368a85db34563af196624ed532d6fe

SHA256
f5a3623ad2d1930333ffd5a673a3c6bf68ffd9f8757d93f9dcca55993c64f17b

SHA512
f3d8c284cd3bf968c341b522c0db0186de63711fc0956a783beaec4e09b0a96e8236b29aeaff99c3a6d8a4fbb2df8f9ebd605727eb4a6e1549d4dad4828ff5b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
29KB

MD5
fc3a54126b60aabb257a03ee7368bccc

SHA1
2a52d4a13d6025b116c7e2670d8f15b00731100c

SHA256
2403e1a1abbaa8f911da32a55052a95352a23250d3caf33cfd9246e4084fcac2

SHA512
9ad6ed709ca7da4609e33758d4fcfeede77b7a56f5f8fa2919073695baf49211fabf6905be9ef778e0a060cd11260d0e6eadf4fc0f056dedcda23140640a6622

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
38KB

MD5
9c1254fa717d7aba36ffa9252350c75a

SHA1
1debc2573a0648c5858e9eb0c30775d3032a3fcc

SHA256
c471a6b1d0d7801158a29398595587ff5dd7ee74d42c93cba348a8581ee64600

SHA512
a3190446305f285b2739235072e50eec2c8d5605edc8bb28a4b5919acf31bbd57871376a58bd7b7e8b382f0506a2d8533262ab29e916abb2089b488e0c618dfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
48KB

MD5
61971e2c4c77405bdb98fde2b65ed695

SHA1
52128ced9ad8c99c0ed20bf950fa4ae9dec7894e

SHA256
cac9d00a694615dad4c2453fae95cb8e82dfcaa53b5d7ed663d784ae93e9d350

SHA512
83149aa6fd3a2bcdad4ab0ef7262c462316af08da6dc012d945ea4d021c9f3dec5d42f64079282a3408541190b6bdcf450d81d9ad9d606d4b026a176280368ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
94KB

MD5
ab6a067fbf00c57c377f49f7cd541efb

SHA1
bf5f3dcf20940843bb7c4db86d2fd3bebebe2ac6

SHA256
62a3c8389be6e80982b8224fe09a71f7034d6a3ae5fcba9d4060e2368efe393d

SHA512
c1b4da17deab6cdb25f8ce191a7a86b4e728599eda2edbc120a62b7348fbce50148d9708cf357f62f5ddd152be948dd319afb49bbe4f93679956c8633b0fcf78

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
19KB

MD5
51ae5e9b38c58da40860573fc5de5a1f

SHA1
af5771214c7480110aa67dc16bd406b425982a90

SHA256
9573bc8630bdc92fef596e76b17894cddeecd13b932e613b0487fb819c517a9f

SHA512
2b348c98dd1ba78701ee497fcfe807c2db9a1c2368be65ca66a98321bc05d54f3f6fa97b23cb4ef86bf61c16d96b6188a49d1bc10988e90eea51947d5752a226

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
24KB

MD5
0c4683a44ce348f78cca9a662f533818

SHA1
49471b17ba6b8f21168fadc8640c151403e8319f

SHA256
f7f225c299d2354a282d30a44889ebfc43aa2f6e60b4660c461e398bbfb835c0

SHA512
3bbd2a0b906dc3964a46416129e53021d6f2df5c97be44dd3bd4230675f70629e8f988a8379df8f952af7c6fb3401c42b4a04b20a46cca8410a50b876f6c8016

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
67KB

MD5
6e52a644708109836adae5b691622755

SHA1
fa6729b150828dba23c6cadd92c6b524529ccb9e

SHA256
9584d23dd0aed936a7ebb26fa2c9683d6f2290978cd080768924ec4a9202db9e

SHA512
6f8dfb1240cc28056181eaaccb156801493867a919f7c9ae386dd971eb08525d82876fedcdedb387bc7b42bae5896d0868c4ff813bb0e8db9f8fb98811d5dbbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

Filesize
351KB

MD5
b03b887ae392b6f33fad562becfc0482

SHA1
101c2388c16ca7678a8426739ec7a1b505a6f6aa

SHA256
93db5f4e53b9c0514b9c0c4c562be8d8e7c3d64f8542c03b7e7f032a9c5d0c55

SHA512
0c1cd2e1f5c32b76aa8c994b6399acf81c6f9e2558e120d2eefcde9628a162fa4c3c74aae519a59640f49ee6ca1a33f3faeeaea5e8c02aef9749af0c74d4dc73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064

Filesize
200KB

MD5
a484f2f3418f65b8214cbcd3e4a31057

SHA1
5c002c51b67db40f88b6895a5d5caa67608a65ce

SHA256
79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6

SHA512
0be1bb8db08f6e6041a85cfee90cd36a5b595afbca34d52a125465454fc806b4bb7ae569eaf4c882922fb1b962b6060534e597791cd0ad23483be5981d9be85c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a0

Filesize
91KB

MD5
33fd185f1b645fdd2ee6018b22ce490b

SHA1
80de0242f423efd33636351c5e5584663b6494ae

SHA256
60ad29658c281342b31e430cac3b82eec2d1e5b3565658b4bec9038154e9ee16

SHA512
046984a8ed827407d46205d54134ee18daa160673693cefc887b59c183637adc97061684f9510a28e931f563c0c516452359f157680a5bb2a3f791b2520e6a3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a1

Filesize
20KB

MD5
da5817ef3bf362fed36b6289962bebd6

SHA1
560b0764f944dc04a83f426bd11577341ffb18b4

SHA256
f5a1901db0c519022b7998b276dddf8e486d9d117786e040ca145158509c382d

SHA512
a88b0cf95da555d620367b3be7db3805942cfb8e77a2aa9e6711c75a4fb17970ba4c9fbd8e004a9bce15a083029269eec2fa91141a6eb1da74f269d64b3db591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a3

Filesize
103KB

MD5
144854e84da83ffea974a51dc947756b

SHA1
50ad7fa26be4433392808f4e3f0f79ffc273cd78

SHA256
8c008eb45d08a7cdb74767dc72e2e47dd33264487749dfcac472f8d9e1311c12

SHA512
515d5343fd3da1fe397d6722bd6b1ef8fb5a971ba8f7ba351e5c022883f3f4a9b145c70e0e7c54e5b424047adaee997095667df62464781a9f684e74d752db11

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a4

Filesize
19KB

MD5
1d05cc62583a7db7139e30dc7a7c24f8

SHA1
001c2cb08fc747cde1028a45b75e462ab333ea08

SHA256
35d0d6598bbfd4722ba330d6d957829de05c18706b4ea9443402298720beb854

SHA512
f4ebf61f3a49256e0a1c50e88d940d75891b54a6766d68346550d0fc04d65c63bc6224db35bc150a108d6dec981cc9b292aa90d7c339ff523e7d3a7f90b3d986

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a5

Filesize
20KB

MD5
65ea735154b4fad52043cc9b82689369

SHA1
0942adb6b44cd43a96ad5c2640b096d00bca8242

SHA256
edc11286a751b3fa3f9192bc3c468bccb5037d66dd7201286f2e020546d5a474

SHA512
4b3655b485dca25da709a19223e006db69644c6cea3fd64b52add0afcd00d15f697d1f157b0e399f683d5ec462bccd50a7f522704384af5ee1dea821f665736b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a8

Filesize
74KB

MD5
42e75b397012bf11068f4e3fda66d36c

SHA1
e81edb2ecde0f77e2c1b1c90654cc81116ac58ab

SHA256
5dbb5d9e0aeffdf2dcb8a8bc1f42e1952ea80d8319c8521c2cbd982a7efb1fe0

SHA512
24eb9e8c5f594000c4f446701d1b260a0ac11077bc4d5c4f62eb1121dba4180c87d670da3f423e21085cac75e8928bb4b8a6d1599e3086fa08fbe1ac72b23e18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a9

Filesize
29KB

MD5
33b04c9be47dd9f1ed232e03c8aa0abd

SHA1
cfc56eacb5e038e03aa8cc8814bbefa77dc8e57a

SHA256
869045dcf4f549981692b81513c22b593fd1944b67c1487baac7dfa81a9f0d30

SHA512
e56fd7374034b94a13c2387e46cabbb4437d83a120489c0351edf55eba4bf10fbe018b6a25a9a3cf5f6b0270d55af2e045e445b811cd40ef984343d7bb4e6301

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000aa

Filesize
140KB

MD5
84a77af7d2563efff9d1c1afc6616e6b

SHA1
15150a9c398aa9323bd990eec834eb29dfe49d54

SHA256
18bb0401707503c02e870067df8d5a7cda65e6643b6b643e729d7888a09eec13

SHA512
c8814ee4e76b18a3ac00480c47a739829d1dfab84b8eae72b9fac6c255e997d8ed993bb97dc9396458d5b5d444dde35223d747ac4d5ec5531ac19c160f527ddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ab

Filesize
47KB

MD5
73f1a15cdf82610874fbe89549bdef63

SHA1
7f4c0071eaf48d9346719bb1d08ebc1b87a5ad21

SHA256
7560b1a9ceb42bff8b32b44d7059af9b2be3d264542b35f7c7d6a20f98e4c4ec

SHA512
1b2bc1342bc6e5bb783e5dfd92aff50d2c26f7d843646eed6c35056b6279a3794ce6c1016df6e8ad9d90c496b84108cf4fa67f75b698abfa5bb0db860d8c87eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ac

Filesize
87KB

MD5
4e19bfc0378525db3ea589b09167deff

SHA1
1803b0cf55643ec6797285294b53d6da54789f1a

SHA256
b94794abe413d5fc51232a82cef483d78456e011784e5e631778fbbe3c607a95

SHA512
38dd1f96ddca6fc15d736ef827d65868b05b2280024d2459f71b50fded0d3e1141aaefb229ce1db16ab3506aa750bb8589fe0cfd52dea655302df28d05d059dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ae

Filesize
26KB

MD5
eac452e929deaec2f3242dc527852917

SHA1
166af014f2405cda1ffa3bb6ae5f32502aaf5d9b

SHA256
6bb97e69821cbba97e9024fc492de4c4ec64a3c7bde124d7a1a15faec161ff4d

SHA512
348befec796337705477f4658f1ffe286bd0e1dcb71955eec6f1507e6f217f0dbc7528b5c56458c101b1ffa0d40f82ef5ce5449682f0db3ce4f250b835c4e1d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000af

Filesize
18KB

MD5
157d40358fe542d357ed60b2ca5b4da0

SHA1
2923fcbcf58556d2e8b6a828ba24b8526b76e202

SHA256
68a44063a4ee6e75fec6ba5da0acd47a60f24f70a78a706e34837598f9d4a668

SHA512
ec37be56ce09e962f2f2f80490815588f3173e613640dcee1b5e709faa00d7f0ab2dcad3bc6431a41794c48ba0803ebc809037fae42b2a6c2eedab48c43c8edd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b0

Filesize
77KB

MD5
c174f375fffada7bae613907f6ab60f5

SHA1
713a1ea7ae43afd8176566574bab022c90aac89a

SHA256
603f7941aa371ab3cbff172494c187700375da3297deaf938df2f49de5003d71

SHA512
8fb7ebf6d7a897190af761e8857a3e1dff0f0143f68902d6cb6949117c663b44fa10f55d4893336b0b3373298d5df082ac62a7fc9131acc6946eaf618772f75d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b1

Filesize
128KB

MD5
e72e6e1c344369fed0680569623a98e9

SHA1
b57283b23374e08c7982cc59c63ec1cbac00c36b

SHA256
1ed78f4ea7f5737eccfab8d4596a9f60370ac5403d560be07b5c6837543aafb4

SHA512
1e8f98dfbfe065863f88a2c92ed99313209cf05c7735cd4bbc71fd93f608c5e9b8fa5e8fceed08a49270e324bad788ddec149b3fe620f82d07336303a9f4413c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b3

Filesize
94KB

MD5
a90e73ee35ef9f5f83d233b24bdec786

SHA1
6fb57d6e986b67255877f6530224182fdc37447f

SHA256
e5497f15b5ea72a5e65ca01dd2aad1e5373069f4d7c39d6c3d95e4b81a226607

SHA512
fe0be30c328f70420e0001ad301f55549ac7d5b04d1a3168050799989a04c5d6fc266419d04d49f3eb4dd30c0b90d4f18f42e1e69cee2af7ac46892c4247498b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b4

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ba

Filesize
64KB

MD5
3bd6e8b735a61d32c66e6c3750e903c3

SHA1
682c567a2bd2530afd794f5999030a03f56305c1

SHA256
809bafd21f2e8f5aee3c5b002d865086ce84e5cf4dc4a18c2e6d9f7ad88bbfc7

SHA512
875969bda2db5d4199f5105f49e50268b5aecc1285d7d86c2e8fa1cab1986de727b1fbd8e673244596d0ffe10a3517f0b8827fda4df6bfbc4f95f0bd192438be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b7814b75ff7198ac_0

Filesize
298B

MD5
41ad5ef0c78d23f131361463f516a80f

SHA1
fcf2996897c57d535965e286b27bf58e819c47b8

SHA256
c10e698c969cce1b7ea3247cb6963abe74195f3e5a5ab83d880a6a1ed153c73e

SHA512
a59f37760af5e14eae81cc1b0e1b8cf2ecf86ba92fc0ef4acec1875f3898034522ded0514b837db4c1c970977e4a0c8bbada19c2fd1de92eef6b539803bdaf33

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
c486797bad318724809f8a3b4f3400c4

SHA1
35b9f618a7fb7006eccf20d2210557f1467f04cf

SHA256
047362ae4625ef5c56b520d736c9a653c6fb51437a7d6237946cd02e69f9fef7

SHA512
d5bd6bae013551a02dd7a648a110c510eb0566874c2d25bad0bd0736ed367e5e4eac10d39b2c8e24a2967f29a6efb37383de8c161a3ce1bf619431eba780d4ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
e87d2ee7ad5dfafb29ffb986d27884c7

SHA1
8f1b19e10f9f22919b545cd9f8b97807ba1f6c29

SHA256
5f69fe01104d1de2706f00c650236b6b6e4e236d0ac5fc6cbe4924b2e812fc6e

SHA512
ce80b4c398d0eed5c00fe9d510790d2dc4a4dafb30a08de22cd84bb00e49f2ff45cfb3dbc934b2515a81037c2f755beb27a3714b237997cf51215f742d386498

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
60553ae5b0c30ca0b4e36dddba91a471

SHA1
0f46da36b4663c12f55d782d5fe62eca63cd3186

SHA256
ff9655fe5b529a4ee304d400cfb59e1590b84207708e0b62b19b8e598c193f7d

SHA512
eca7a5629ad1a4b0ceac1a3d802a3826615ad55b0ca7f8047083b105b377c351212d1f094a1217b73ef4818402eee59b729c287dcd5745f3cb68413c30db1a0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
c6e6afbeada11bce42faf3d9b6eb9ec9

SHA1
42be2f6e45bc253cd2cfb87685f4f27be6ab1801

SHA256
634ed2454a95d3c55d44710c902501919c474e5307aa1e1d462bcf36257fd69c

SHA512
72988f3d05b6dea70a32173b8853940e1c4a0350b52e6ebf11a037375a139c44206df45894eb28ca9544771ab37806fdd4c8564da2d8b6610403def4ea4af8e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
04058d833105ee945fa9833dd7154987

SHA1
d8cd97422dc90bab7fa1610942e4faa7b78e3fae

SHA256
583736d396604c1c0f2b9e964e44d3a37df966ed64ddd4dc905d2db887dde81b

SHA512
80df009a34c8fe2f49332cea525ae34aab0da4c1b448522f324bb86d8277818e450444b004675f40d8b0e4284c86088592de6eb57576e17adb3ae1c0b358379e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
fa28bf217c50164610d4160fd9f2a768

SHA1
dfd6bc7789f54a1d55687456c256e2a7d39f9018

SHA256
cd4091031d7820b6571ae960fa1c415b3fee9a2246ce3a55819be9db83ff5afb

SHA512
944e49d7f8ac05a0ac707b6d7665643ea3aae931f595653d18bbe37a065957f288541a4a4e86e4de12b36edcef02fc94735709b18f135a1b0714cb2f7f46012a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
3cc94d5ad80be1003e7903cd88269535

SHA1
ed7ade4f9bed6bf43d61f4a4f7fb7f4698ea9e33

SHA256
3c44223a0bc1ea16edc2fefe88a713754852a5bc4a8277534ed81822f90c3239

SHA512
69b7f278dc53a6e967bebb8a4f315225d1f2cfdbec533a2bc8c89877a99a3b2555b0b3ad168e31fc671958b22c683089626885dae133128e38440d6c001d0dac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
28KB

MD5
871f4317a8016f4ab25b4681f0901695

SHA1
ce5f2167afdfbbf6dd71b23535617be28dc41b3e

SHA256
2cdb89d05bd95d06112041f3d260d2de697ef84e10cc02f49d9c00abb4b88135

SHA512
efb8826de09833de4ab5b223cad241578d9fb651403aa71660e2488a04080acd5799d472aedd093d2182deeb03f4bb0b09db1a83297ae3df95987e3c7448053c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
0a5fed8eb4394745cd05198dda932149

SHA1
8ccac5fc28664c8f475701349c25abedba1df8dd

SHA256
597f53e9f7f884577fe8cdb029c12973107c4e5cd22d4a31d5b91a1b8aaf30fc

SHA512
d828479ab343e7addc174398ca6784a34b509c6d57e5123bb2a141269c14d172da542751ccbf94d8bde1b0b4138c416695e04e6e8b15efd3b146be0d23af3190

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
6405320f4f62e6d7eb66a5a837882841

SHA1
193d9ce6cebfec5583b07da9a22be234ba4d250d

SHA256
0ee388d8468badab7c10091000c2147a5250710a7c9689bd8be4a2740a72e901

SHA512
4e34cede10c204e727902133bb555b2538aa8c9286406ec6485e1d0dcfbf663e743e2874fbdb72965eb428212bb0a51bc56a5c6922ea76363850065d7b80026b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
95d512e3122661248189b9c16964b926

SHA1
62a52352a15a315b74258ab28007388312907fd4

SHA256
b936abdc035704e58881be6ab6479df1dbfec489ecb8961b4957490d4479899d

SHA512
8ecbe5521aca9705b0a2526ac1ddf1e6b20776e4c2d5bb685b8fea53226db3583dd6b6298901c514007c1dbb17126b27817766ba19475adbbf8a3a93afd6981f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
42KB

MD5
b319266ee02c631d2f995b0e286bd64a

SHA1
7fb6f63018ea26103d814f65bc1db73114de9771

SHA256
8442b7e5b8436824518690bb4f13f76391e595388a689b126eeced9eb611bf90

SHA512
7e11dcebf5e9c9d643b14ff38730d26ce644b54c1031ffa36113aabf6089a981f5eb929494e9a383ab6db735fd555c10dcdfd61f8c05875bb35eb5284bec0d39

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
9KB

MD5
80f767626d15f6a52a1198cbef6909d7

SHA1
4b6cb397775b5e5f75f76fd50b26b992b1e742dc

SHA256
55ad73af32637e33a7a5f2db9ecdf5d30a808f91c33f05d79154c3685cdbcaa7

SHA512
9fbf47eeb3ccfe9c9dc58411e63790f69a4c3aa9036b90cb8b5c3a4cb9fa2f488e3b8484b98044800fe800214ed1e5f582f1f28401d96c016db58f8f0bddb72f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
cfe21d3d8692a8c943fdc64627ad36e9

SHA1
6e08496dbc04322004eadd58044563cd37548a34

SHA256
43b50970e48d4e82fbf3e5e65411d9a40f81fce9c12cb4b992b2ed18f4f150d4

SHA512
19f079396393f995617243648db0a21bc6e6d9dc7b9a5b4979b1234f0d869181a65c75a6edfe55ca7532b3f1aca5ec4bb6186d5febe01243ee8e885d0ec9632c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
59e37e0e131dc105746700bc86a8f9a0

SHA1
bb7a8b63ee7914156b6a3e3a0daf5eae48f90d3e

SHA256
7f99442b01e800ecb0873211ab3ba61d0d84ddfa503b3d24b46625c4497d4957

SHA512
93078c7b983c2b63db45c6afc4f5d5087f61fb8c176dfd118d9aabe79afa9f73343070acc5b3cd254c993da7740e71b99cdceebaa79a674ff330239b22a1629f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
7cfcce994c425af3681220661ddb9201

SHA1
26ddcd73fa02fadffdac9fd9168c8daed6bfcf71

SHA256
7779e50b749f448d7a916faa1bdbc06ff4409c3d2c272fd6f076f77c66487f64

SHA512
c6de722c8833374a489485be373dd462668df5c35a32cdc10410753ecf57224299118ded9b841344a6f613dce3168af37e9750c101aa98bda94bf8de7d3f7955

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
348cc7768dcd29a971ad2feeb4d4cb07

SHA1
9ff9137a3ef1cccb607c065d81c1b7e19961edf5

SHA256
74157fe6eed78a885eb818dc19ecc2ec2468098a88d48e9c682f3631ea4b3153

SHA512
bf74c60842613fd4184095c6760940e50e704a8f6874017604303c937a51abdbdca94987db87e340b78324024848b9548818a58e617d83e6a9f5ddd63d46ad07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7dd4ec4f5c29487ea11120b082a82580

SHA1
a7ad390c332de98abe0fad6e880674875f27098a

SHA256
c08c366e62a762eb1900c276d4a65707f19fa1d250958c0652bd2f0f0d0185ac

SHA512
cda6c98d156c1bbfca5ced367fb79347a3300cc2ab0d4680d67cd7b0071d22d95754dcd83b58e3fe890d3366342fe9a71dca529c37b0d84985679d6b31eb183d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
dcd4462dae3abf0a60d64da83a6d1a3b

SHA1
2e896910dcfdfe7974c1e46da34f78596dfc6181

SHA256
9375de57c8afeadca960993470eda909c9e140280068d6d88506aad622c6c74d

SHA512
b252fbe44a20634f084db43827644c4d65bc8e22d4e6426727cd3ea0307c400c927da005d540deaf0636b0627bac2e248b6f993a56b4cadb97cc5e1b7a86c4a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
32b854d71ed45b954e318af45a0c60f1

SHA1
b13203373d3e8004dcc9607b425895b4a9574a5a

SHA256
29a000272430f95f24da80eb684b1f2fc52f4d3ed6ec35f5cc19a3321f8dfc26

SHA512
65362d6a67f6d8f6cd3f67a93a4160660a24ea592bd2d555a03e22a4f4798b31bd9a88d16c1698bea0339ac687241024985279b4ab1a8d3f8352167407afbb50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
4e128f37fc4271c4e6dae4e34af5c0fd

SHA1
fbd5a50713babf31ce728c7b057d707a7f4c373d

SHA256
65e585247f5823cb837c699266984eac01f38b546fdb62dbb7d560912e72a8ae

SHA512
1c2f95970713ed0e3ff7ccb948537835e72d476a9720e9e2eced5155ab657d13e786d41c8174af641205cc92fbde63c0c2691ef8271f1b8bee3f210fc763358d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
005615df90ae563b976339a9d77a02ca

SHA1
f98234b360c6f1eb927bb8a1a11d2da68e92d532

SHA256
3c23dffc10bbfbb410560124fa1a30767838acc97a7e03f4147d080b30f77573

SHA512
83fe6663b840e32ded4a416c8b690053a9abe0555bae9a8161cf15b8bad67a68a8c1ab57219cb5b1305b06a37d97a1bdaf1f8d48ac982ca312f0201286b75b73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
b53c66c73b5e8632a62f7956269e914f

SHA1
7996776550dd074226a77acc1df97ba44df0e236

SHA256
4d0e190d3ad027dbd33758e7071d7248ac9cabc1b1bfcec553a8eae82ad293c2

SHA512
d38881ff4252cea1c914850f61e400799947a5f901eafbe390ed41aa4f54e2b0dbb2be38db6d349cc3c17d34a5d4030f6dc43048521a6d9dd04f40d457dbc1a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9724206ea2f12717e83496722229dab6

SHA1
a817d0bb8d9cbeaf322b7815fbc2a8aa4a44b768

SHA256
9c0c94897a90bcd999c4418ec75cf3a2e23a6099035948cafd936829e00eb699

SHA512
b175058417cdd0f8866692a4af6dad25313af3df80f4d02d1a7a3eca16bb7f3b30bad9c84d66ba1d454e1a43d8093f0f370acd214a8038a77aa49735c60ff0eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
9f405cef651ea2fdc6c708860a36d3a9

SHA1
6337001063d69af858209cab6f8b168ff4840082

SHA256
1520e0a75b18bbf2b0781eacb9a61d4cc5a279a2d846f8fa3f89fdafbe73f3e5

SHA512
77881cbffc6d5e862035f490bde7a46143a7c1112d61e707f87c891d37713f13c24289f9b550518b8ce28aa7484ffd0bc64bc4277317540f4e391fdeb13aae42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
2d9b67db1587d260d1ea2f89711f2f0d

SHA1
d497176da00710f73035bd9222a6c17498ae93ca

SHA256
e75243ba0911779ddc42102a0ebf168e3c1335d09d2625a9e788948c106df2fb

SHA512
7e2f724f3eabdec837b06358f3294cb88685a681ba7deeeadd915d528064a2be068df9500516b9287911305db7472ad6a72d25183cc27a60dce252bcf03747ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e4197af613166b48c46d44d4a8dd9910

SHA1
aed4afbccc218cd2d1ea6ba215a0177f9fde89c3

SHA256
28c24466bb622969f1ea5301dafcaaa31251951be650d97d53616e7a0d1d49f7

SHA512
d238f9686358c1d658955d1bfd08a828e1f445ca17e8de73b058e813a87fa92e6bd2472b7844218c3dcfcffae52cd2ce3a237d1fb8ff83e7fa495fba86c7456f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bb47bc474c2069da587ce0810e667a95

SHA1
1232d80f3c29abec53e496efc588361533f38c7c

SHA256
9403975f1e58feb4356dc78f03b762ac3f75d4edf709f537e767ca26a61d8a6c

SHA512
fa9a50952b500f10f6c6ce4b43ad824b8096c9316c837f9d8063667d4c1fcdcd3049fe84616a62875e07c1b481fac0c8d15db61afc2c00de71dad1445ca0cf61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0fbb5f55ed251b9bec49f7747ed8be9f

SHA1
16d2586b2816e70dca0b819e299415b3f2b0a49c

SHA256
42f86394482776383f53d91ea086e71449b62e6f8aa351c582a94fd1d7b42b98

SHA512
c581391acf5249294249ee9a9f7943bd17800a7fb6821536457b59c4303015e1cd8250b045453ace5355a5fdb2c2966abe0371af67f4aaab0526b7e8cda3a05e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d5f8bee68a9ee6798a864847d7d95cd1

SHA1
2294ce5f2085f5431d317e95986e36eda9afb390

SHA256
d3e7f558c6454fa04b99fb075ba9dbb22861c8e118b6166467ea0943c26bd5ce

SHA512
b257aa576dc6fd8c67f8f70f0089e0f08c2a11840ff8f177e955a286890ee80ea1b4714e5aba6b26387d417d23cc17947e46167cd255738c5c386de0f55b362d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7017a3219d5a9f808710dcc9ebe03b72

SHA1
fd334ddf833026101073d414e0b859d9690d5d8b

SHA256
101964e8ea48834a0b3dd84a8b23cc5e588f7629a7572fed15748a1e03aae070

SHA512
604b020c1e060c2992b326f5020bc132a15920bf92edae09ae49316dc17be132053db7956365eba94bda624e392a213a58899fba97cc7d763eae5aadebafa5ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
89b0621ab1586cfdfe727096b6272db2

SHA1
0ef63f1aafc12c5152104f63c92d5f234977ca48

SHA256
07e9ee5695b53ec494c2ecdb554c1e8f6e8b9d60c14c7e0178956a05bd9417e8

SHA512
ddf238043bd267654f11884caa48d07a72b21e9e91d4df6aadfa5190395d63bfc04f8d65730d658bdfba08293ca6a6e17fa88537e683a88fc5c3b0b2083470fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
9da00021f6519752011da07157cae6ef

SHA1
985bbe9139a3cdd02449dad8712a52b2ee8d61d2

SHA256
49d532576cd3e2f320430d681c40c2bd4b5d70fe70bc29cc495f4a10f93e9876

SHA512
c3e21943fcbcef86ed327433958e69b557ff903428856af6859535ed348627b2fd6f8546bd761cdf2259511fb4c13ba9b3734ccf3248eb1124ac09d53d35e27b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
bc330417200c9a0225ad29326a2ef81a

SHA1
d59a78c86be81702afa0c46924e36b03cc5eb59c

SHA256
9ed30363ad556c156606c433ea285be5ca7fbe8f18fd1b0cbd843d49523fd730

SHA512
6c8c035af3f3691b173d06a869986ae2d0e3f70a698abd46deb4f00b382b077bd02caa33f1c0549aceb953b904353cffa41ab21c02d23249c81830f97fdc63a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f371c72edea119a07d6c16705a321f52

SHA1
1263f3ea3709e291d5338a9878a91cb6635f3f63

SHA256
3c0c2c0a1c9740342d31331d3603fda50c6ee13e9a9a751287d96a1b7ccb5ed4

SHA512
2c11e43dd2016a5c69cf317537edf0c66ac671af090fe15ab644883cf689295e78856bd72c1ceb722db595395a41550f1c70660a3d821922af3cb69f82597279

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
1f1ebb131cdc236d30247f9084797bf5

SHA1
75093fa78b1bee21458807ae8bab7207bd90e92a

SHA256
d85cd3e18ddc13935a263f4e028b15566e594d24712a3e3053fbd97d7b843b25

SHA512
ae695dc2e6a0e478f8235725f0e568ad0e42baa1ca5f116766658d37260b3612de43ef5ae4eceb6c305f9f1c3b47a640f8447c10110b4a06b62e285173b913ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
73608d7c5e892c9d2df57857cd0e7180

SHA1
094f5d30c5d68439447597a514273de06368c790

SHA256
a0ef056c5b2fe07de3382a9eac0011f7e8052235651b916030a583cefa1df0cc

SHA512
cca494c230aa74ab5907d304224d78ecbd7ef2e647b00bad9b57083cc67f23c71c91c40514f8323fa3b33f9faf2f50d5aae672261eabddd88c057d6150d9f8cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dd10d0d824941ad6c705ee2dbab78495

SHA1
bb3158516e4dbedf6cc2ca4f823457cba3d2ffc5

SHA256
7836c83119ef4642f6c2371c6260b501ef0f8a4558ca5b5d3061bd4c8ed9b7f5

SHA512
eb3018e1ff6266660a80ae50ca21993a2effd809cfce60bd9d101541c9d124f17b34ca71b7453fad837e0cfa61ea3890ed8293d2f3127c366d9a184c1e44c7b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e4eb5d99b0938bdb5f91c48376e02923

SHA1
d51496fa30fd283b0fd54e03c16957efc6a90ab9

SHA256
a641a702a4ae2aa07799720bb446e7587d94d9f046b668d5faa4547b9b653c57

SHA512
21724e3cfeae9a4673b12f6cd3f11301440b7b7dc8542953c23f782b94d5d683cdf2a463dea0b08cb3d9665cfbc90f78627b3e3e256fbeac1ff1852afcda7b6f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
02ebd0649a97009984e4897a11859037

SHA1
5317fa0c9b1a81c91dc4e66ea72cd63f4806dd34

SHA256
96b3a9a35bbbb31e54b458650579a921bc20f7f1768cd1c2d6884ec932d8e937

SHA512
ca9b2a2efff095e10f4d17a063e5fc4aa2fdaa075e96f20a67ac8dc7e7096961c80d9c6606fa414ac9cb0bb703b5250c1edd21ebb505383228c2610b3c728a74

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1a7f9d8a0e9de8cd94052703aacfbcaf

SHA1
efac16a1c516bb2f119ee6ba3e6540abf4811d02

SHA256
f74bd590fc1bc94965f7a37bc60b97d0b45fc2cdffab13c12e3a93a824b915b7

SHA512
228d9d1778c9822c7bb3e99df6c3e23d5c6bc70bfa1f2a886b09147b1779efeb5f74ca8cde25582f27531b8c53a15178244e055cbe8e6254d123c7845395a24b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0da79f3dd9f5ba2120faecd3d6decc03

SHA1
82e13931c1093458ca7b934f26bc90deb09cd510

SHA256
50c7da3d53d062079f3c566e086825b79438798be743c1e48918c9c76ecc603e

SHA512
9233815640d062d3ca85945ee958540f386d53857b239669de460ac4bad542e2dd4bd9aac512d69eaaacd87ae076db609443d726ce2e1568b0a00d4c70b4b08c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c202926633eb175d74f0361cfe4547b6

SHA1
bbdd87725f4eb957860ef0c2a60b7cb629e0666f

SHA256
0381176d24fc8c109cf482cc907fc364ea5b8375274c857493712787c8ab02a4

SHA512
dd7dca2d7449ef8e95236ec75992d1da343017f2731554a032395f8bd7aeccb346bf0ca8fad923d0a013034d700b0b57b239845dc727d582b52730021ac18153

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
15b03160468380d31971416b9d660d98

SHA1
23f0511fd08fe746ca249ebcd2a4e5580af12389

SHA256
d828ca2bc07b2f6dd0d7d4266b44aa9f8022991f83e15659c7540188fec9918e

SHA512
2dfc068af6f9cd9fc8afaf2c630f3b0bd10f52599cd4e488cf58a40f2af3bee1f77e7132b52e66b2be044576d2f3d9f9d6b0ea365071bcfdb0742713c898af4a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f40b4ef9f4c19ff2abe0daa44009cc14

SHA1
0bf1c28140d267e004c0f42855c423dbca7b60aa

SHA256
19198b7af53154e8d32e32051db18c9004e304a41a7352d2d9a372b607158c1b

SHA512
99a5ba05aeecb7f0650b80c612966010fd304fcd8675c44d2609b5f8fe75cd79452ed78bd2c2ee46b92e56a95d155946080639fb5eb318d7e2f559a4003ee591

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3f0d83dc7a81bcd00dd59133ac94ba26

SHA1
fe4f30c7d04955d8f6afa7fb0f6fc7bf388b5618

SHA256
f2b47901328e7dd57ef507c8f9309b7e06caf23e09b63bf2503bde82c8e46d88

SHA512
aa553a8182a19021e19f4abfda668b33c313aa9e12e00c0a8001d244d287c9e54fb0d57f6e713c1c4bd94ff38cbaf2934d6d2afb9d5daaebfd8f474b059c441c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
d11eca11af35434e3ac5215e5a089ac6

SHA1
73170300791930ae1941b3c4e1f923494d4255cc

SHA256
4922529a024e2dbf35f45a887366b7d807dcc86b4a1752e2f8336a5010c196ec

SHA512
c128e2eea020fe04cb64f9740ec3faa616614a275d55b11fbd3c0a50618b6d4fa1b90aad0d69e6c6c784d48fc2c9554db7ecefdb93f5f667dc5d4dda263e75a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
e9f14c0bbe280d75f956e16d54924be1

SHA1
46a6420f8ffdc48eb0f5813ca6cc6b1df5f9b6d7

SHA256
b8f20bd0f37d91ee092be74202c2dff93c586fd119aeefb8f3e7100ee6c241a6

SHA512
be4328a3e4c5c62ca31a5ecf5af95f6a0178ee8ced8dfb96ff696d0b48deb412b1e10ed23269d956a67ebf968e03d0ceef9994f1832801f6f028b7da1de1d8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
fd8bdacf75241cfc6584ff398d24e639

SHA1
2b754672ce12ed4d088d30643ca734cddcfe6db9

SHA256
a5a2b6642b1b5be72162f634f6953a1aeb439aa26d95e55e27dc20bf7e363a0b

SHA512
376749e86ae7938199ab9c30dc7628c8a79cc72f88081b5b17694860bc1f2ac3c8fdcdf99163734f3d539247795c21882dcdd1998ce6f7c31b71eddbb6aa4110

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c952cab0a145a2dd214a27646cf4595b

SHA1
5a4efaa0e9f87053d7f309808f9db9af19b2823b

SHA256
1c569559ca20dc4883b9910884562681b95f46c47264e3fbd1801a2c81536bd1

SHA512
25e112521fae255299c90828d87caf4d5eaa5be70797ec7883d9c203c9d4013554cc94feb00d83b633c40e6aad82b0bdfe9ead21ff84138e76d14fe08dba9ab1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
21b038c507b5ccdf22f82e30a1428b0f

SHA1
d1096143ec972da388ba821677edaeee05abd9b5

SHA256
e1deca9d42cc337fb9a85e5fafcc29a6ac4f683e00616158b02325699d286ba3

SHA512
3139062ddd0d0219977b6c54c5a931c0c001a6b09054d7f68d9f82e22e208ea202e31730254c03cc524d1efebebd05a9aadeb86fcf341158cdeed9107afc3ce3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
590b7602fd16c97c50b2785c37ecf89d

SHA1
b359f7e5a923bb7622a55eaff995bb495393bbb7

SHA256
7bfb096c39ee8d5f360623de0b9d54465c4faa526248ce194bdf17ec389d640a

SHA512
30fd6f31bc79ffa879ea22990f978db4ac7e9875abc50f0e05d1962e4d62dafa486cc42ffbda6fbcf80c87b56a2a9f29940680b6e2910e638167d417a3804185

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
d59235d58cf8de8f1c19a76d84df1b7a

SHA1
326adf8737291429febfcb5481739ddd71028042

SHA256
3c6e91a41c946324f8d2e60dfa3a066a9a97c883b877e292dbfaa83fe4382c91

SHA512
e3e53102fcc07a9c60f9be3524200d60c1a561328b7e4b2ad5b0ae2d207f2a79b3d4ba7ceb777cae0aec8b2c7536bab9e14f7ab03b73d4f23313323d5892cd23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
2ace0124ca401d1f6a607cdf0488ed4a

SHA1
af61007ffcbb20730a93b1db3dcdc509943e52a3

SHA256
946e5e040ab658ec753b02baee3be27d503c42e08d632094867436cacb644212

SHA512
982cf8a72d6765e64a6249c396209ab1cab335531bd072af752df39a2e91a1dc22bcf797c71ef0836bfb1ad4c3242ee892d1cded875e3ba9641ef359a321242b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a546a3cd0be633984ba9c99dc12667d9

SHA1
315c147179fc277e3f90fc585edf6682b6a4e236

SHA256
15313673a841beb514efcacf03dff50a1f598750926c1fdb6baecd3b9ef53314

SHA512
c69595b5df92a6126ba76fb5a1f0943188ff8e9da62b05725fad21fdb6b09307a3a041b0a87acaab0e30e942bee8308fd678342a5e0f3f381a2665289eb7cead

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
3a2991c2c861f35da4fc4da42b9bbf72

SHA1
2f4cfa1fbffd9e786d0773cb069c279a3c05d8c0

SHA256
8404f0af4fc632e27ae4f99bc34e1bb378d3d2851356cf0128516b9388eefcc7

SHA512
2bb48e6a83885d12b84b5fc3dfd1973800ea70e4549e3a9b2c80b6c0b24ebffe6a213db65529a3100bfd3adfd296ae8fad0d7b0c01fe0e19e31632d31d47b76a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
cb0656ede4cc36967925a0167451c4b4

SHA1
3400a44e554ea99c25668de1f1ad56f4d0450138

SHA256
acd986ed81c92b96539c84128f8ad41cb7f53d0686649d2d7a306623482e120b

SHA512
66417eae8e7056f8e11b4f7c6e9da87a719dd55a07f3ff9aee4c0084e20e758f25541b11b714e2c179276628776191972066a98979ab1add8ebc8b356e3f6786

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
50433d0d9e1a99b02d631ae0e164e3f7

SHA1
f029da8c150676612007b462c462a8ed45ed676a

SHA256
16353353c669f2e198de0d03cf6a66484ddd6b678a7a16b99eb7c52d2f210968

SHA512
8b6ee2e9d5f0a047bf6ff2ac7aac19312a85a0016a01939328343c630937498994d7540a375c705f02cfdca6c056ffd4e16031ffc189366e31801c5c07d500c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
570c2f86121e549d6d5383ddab770c89

SHA1
73a6c76c558f9f8e0a1d2525b6e486d261b69431

SHA256
8a9acc0d602b6398cadd871f2a9913cda0dea649eb22b68e55081377850b69a5

SHA512
e08b57458f5165f568f974af880226c1989f5b7837105b2d42b0b1c5fdb2357fa73dbc41a99721f42a0b0af3365d5cd9644e81d0c7f8b6a8cef95564dc0f03d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
b95b9362460e7a533c01dd1760581643

SHA1
0bf40b0b0b4d0de7f8fb1e69f0d9a88a7eae780d

SHA256
d588b26f5db4c8190b7a6d9181bf6ec190145121aacd4f39ad275ba828dd8bac

SHA512
79fe89b1220207350da669b2a1b8ea52f65bb8bce6107da8249f38a232c2ce4621cd4210f963fa03483d60dd1748d7c2865a1240f055f892845e8fb2bf5250c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
57c1312fd40578a7eefdebf3d61926f7

SHA1
09d5584b363565c3c73de32428d46c134cf30c0c

SHA256
ddc369b4cd16d0ff66910e8a2e6fe0386b5373fd3becb9b629f53e4cbef17922

SHA512
71262f088d00e205b4469a1813df930657742c1f85a4965fa6fcd2f40bee7152879914aeef5c05aae622de96c05ecb3793812df64262b5e1f3ff43bde9eca1e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5a8e8ab2deecc3070abff678e6e65cbf

SHA1
70bc1776c8fe6480686e30ae7289859df53d83ec

SHA256
026c2d550392279586bb8e7555f5e0d05c23d0b36d0a579899ec8e726428a3ab

SHA512
d04850a0da1b397afd28c08c159bf9d3d8632e1c72ab7d1073c274ab7e7fe19c74247e2f1032fdd2fedbf042ac0224f01a04340f4e3d95b7718764d0c6f59f28

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
2f389489dd87ddac7b8adbb42e65b1d3

SHA1
02edf6fbccae5477a240b81653ebd0abc4dc7bc7

SHA256
c388c510fa87b4e5ec60cca69a5e7fa986b677e3ddc18fd917ecc67f8ef2d018

SHA512
aede044fa40ab1f96154db9291da7bec8818f4d2f6c607252cc65d0a275ee5fd5ebdaf05a8d199489c32b4bf0b77d41a84ae376b49cc36b27c781ffd3af4f9a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
7408f95d55ce6207529cc90e18454c67

SHA1
b5b7f9e634eac8f5ef0b6297b0698a7ccddd4d29

SHA256
109c2c0d127a8dbe5d415c9ac744067256ad0eeabc0f8de776b7e5d93bdbb775

SHA512
1a78f0cd9dba2425eae97158635f01270bbf726e3856c812378cacd13220413e1ffd431f2fac5bcd12b8bb443e827f8767535457324b5f76cf5600f767f2ad8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
beead955b8339bb4f585aeb8748f9eac

SHA1
016417811f3b9f3592f0c8cc7f2a6946227b4435

SHA256
ceec91c5b204775e3170942a4ebc7b17b4b5a8196731246ff91da508c33eb514

SHA512
2d8897aea5177126235968c3daf55943b345e652eb43012219592cded148915e42a258fffd5b23e8381353c7ad6a49af82b4b96892b6b310ab183faa71d01101

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
7e631bbb184c717112a02ff2ea85907e

SHA1
fbec177726bc52f2e863f2848b3b3a08b5077fc5

SHA256
286f908c2bb293bc3fb5f57fa848675153d40ae35cd9cc65ceca3b284e39cc52

SHA512
abd5351a4d4f0f9265a2b64acc7a50e56f40b30e354b68bd35ec325f267450593007798459a196d0add31e78b36eef5d671a1563098bb8fc48adc6ed4e0d9e79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\eb0bc206-6569-498e-8c80-acae539df205.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

Filesize
56KB

MD5
7b70e4f20ebc32050452fc08ba9eb435

SHA1
6a4213636c5efffca9a30ccfaefd8c63fe4008b3

SHA256
6dba61890125838f9ed6c4a80e60b1729ff438f6d171233803b1b2028a291928

SHA512
987275ee484efc0fbfcc70ef54d470946608d13ac93c54739ee8df1b23ad6873b3f7876056c804bf000b9ba5f225135b66569f55e06cc31e33a7a89fd695d0ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

Filesize
106B

MD5
de9ef0c5bcc012a3a1131988dee272d8

SHA1
fa9ccbdc969ac9e1474fce773234b28d50951cd8

SHA256
3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590

SHA512
cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
aaa1d3398c11429309df446cc70a4b24

SHA1
426037d880450cfe67c0db4e8836d8cf67c3af33

SHA256
d3c5bb416732a0643cb435ce980e4cf7ed0d96375d6d1d866565ffa4cf5f4e31

SHA512
5400a74ad59ee80e11b97e884bedee53af567520b807e4c3c43b68446bb495a967e22838aeee4bfbf02486ec5abfb2e821c5165ab2b894a54e0d7eb70c7355a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
5823694841193e73a89424d51285dea4

SHA1
7c1806453864fec2be42bc81721c6dd188a25b7b

SHA256
6cb803caf8b6c6dd307f306e40bf31caa0fa0d33966831b5cae71d858358b0be

SHA512
6e1e4da1748af37f2495e8b901dd9e0d0581196e37b4cc516d9a67a3c37872d613a625529ea28456d041ad3fcde8c819b557a5379a8c24bef5d312e4555f2dc1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
283b1536199857667b246ff1d421fb1b

SHA1
b1710fc73429e74f1d6cddf37da4c611ca3bca82

SHA256
bc833624a3336aa0dc0a9e3824d2511655538891e23d25318523dd90af688684

SHA512
29b1ba5ce3312e3656b32a60359ada89c8fed4954d79eabb9d848055dcb0954396d267965084404478f8512e7a4be79543726098167911c793a5dc45d17f8d57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
767453b2bff1c18ce574500145968cad

SHA1
9505e3c382d9b527e8ba3ff8260554141c4b33e2

SHA256
db9b1ba51785d620a0b2ba8afb8c79a5fa7458c911c0951cfb8e47ded0c283be

SHA512
e70725a36e01db04bb3cb7ab1faabac30eb58ab9db4b7d44593afcc412f284c91a32861e873df852d67096a0e2a52f897fcf47940ab2cb142a5d87802f79b4bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
8b8b456fac2cf13d18656317716e8a5c

SHA1
db505f3cf2f226e5a211dfc35dc3291ea318dfbd

SHA256
ddf317de86f37c32bd4abfe5069554d0dfb90448968420abe6a658955afc5357

SHA512
7241c014bc7e223358ac9da1f8f45fad782da99125a511bbfd1c2733d673140d4d17776fc72b851bdf4a70a92675cca9c31bc1a6323a4f258a5feb0b8a7899d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
430b3fa26fca16a9a658185daabf7f87

SHA1
30d6065f803c9986a5db593aee00964dbeae3f1f

SHA256
09a6c6461b61375b1b16028374378af7169f54460a2d45b0526d7f39e571f65d

SHA512
5d0ac16f33279e13bf940467462b90e5df2044e5dc142ed216dfdd6be8ea9f082ded213c2f97fb79304410e82629f5473799edeade6146b6f1ebabf1c532da13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
384e380b998ec5d2072dc0fa5fc0798f

SHA1
5d9557f99a4181f5b7ff0e716e8421762d804980

SHA256
681004df9eb6feb986e70c33b365c0f6f3d1c7f614faadfb3b17ddff6b7cf0d8

SHA512
fe8c5f0ab08e6122216451e905a964aba52925cf7355d8d14e459859eb01379a3de510ad0087c466f645705f36f96c750d8081821ad0b4c188cfa88e4f0e6717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
380e1d9042c4546b28ef50b2eba566c1

SHA1
c9f4674930f13e7285fbe2966586fbabd8658f9e

SHA256
5b05bce85eedb5d3fb54f01c766d736ce9f933e07249610c3b85190c48a790c8

SHA512
4f4569b53cb05280f93118ae17f9547aa8c354526bd5a98ea067b1d7713429ef62dc10cc5e56dafa595530de217fdf95c132540d3d1f878b0f05f2fdbe7b1b57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
609f2b745efeb8ae2432e362ad8f204e

SHA1
3586f6c2ddf4e8d29b26f9e00e117387be17b99a

SHA256
82fa0c4d461d45e72630fb49d27a2a03dc0755dbf102009176685cbf0a26ae7f

SHA512
f194c95d46ee919ef75ae8d2c18d13cb592777552a7d542daa9b8da74f1000956903b487ae4f498d9913ff4f6d144c48fd23d93977297e9e78dfb9cfc8fe844d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
2e3c0c7a63e33b44b57b23e29888e052

SHA1
46a81c03ffba98f0c56e3c98656654099e4a800c

SHA256
bf4672809417c800e7370ba278c27af9423880c47a00a6ef9c9a1a2ba2fec51f

SHA512
616d8774f8cf7056d7edbaf0af341f340d7b93db0d462e4d7ed31e080701a4161be5116bdd70cd0b10cd8d35b592338b3db93df930580a15814913e5b270d641

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
b893953b3d0293775131eeea68a20e4b

SHA1
1165b460e1cbdb4fb283fa06159812b750569630

SHA256
39d4cc3288fd5aeb168f9350812221574956e019c26e5021174b569bdd7c6186

SHA512
f03e7f0b7636dc41f4402c9599553a366c081f701e71255d8f0bf56a459bdee74ce1c2afebb85b54e7c4e88d581e3bb211386a057b1275b34a3dbd16570fabe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
03c3faf3a5a2ef8e47de73f4943271e8

SHA1
94ae8101518da68f5210d886e009f6174cad186e

SHA256
b9a21d6e6421c1e95fbf41590ce99d527a66f5eee345002d6c0f8ce9ddc77dd9

SHA512
2f948c60e92577145220b897a8a2b890625dd7cb4983ee210e4ea951da33cc73e3f660be965b32db2236ddec8df881ee722722da85f50cd51817ce0c5ef6086e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
78KB

MD5
f46a2bfaa9cb017fd96e0e3a721a4641

SHA1
7802aa0d06803805b64abf745110ac011ce90b19

SHA256
200980ca4ce9b5b482f9954e478e3f8d5d2707a14a4f5c8c85328d1037d720af

SHA512
9834815d496f1376bb011f7b817b17a87a1950014bd77af79c3b1e6494cde6889578e3b614d9e3aa1e403ce30263fa4c2140c1efa03b2b962f33df2c448b33b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
d46e8805c864ca6e0f48bfea38d82c59

SHA1
bb4b83837f0f6c255b323f8bccd2edbf2cc5bb9f

SHA256
acdbecb570408aa5d1be33613cd763040ee8ab38d651a02ae776c1bb0b0e006c

SHA512
a966d4d0ca9f35f3190b947b3c749714ea2bfc4a8401f79d760e540cb1840626c7ed5569a7e9cce1371ef61c99df399b82881fae71c22efafd42f5a2a28ab11f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
85B

MD5
bc6142469cd7dadf107be9ad87ea4753

SHA1
72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c

SHA256
b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557

SHA512
47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\b96dd30b-daf7-4763-be0e-93d0ac005dcc.tmp

Filesize
152KB

MD5
65c2e7d857b229692ebac146446c5e60

SHA1
5c4a97b39b8531b80f378b09c966a5a9a483b1ce

SHA256
23115f4e8f674a99af44a97956e5e1cdfd9e06907c177c8df62fbdf623f51959

SHA512
541f9293a14f4173f7e4ad2354571457ab49577b91e16d0a31747c79d9d4d4ced15eeac774c0f05552c7800515f4c4ea7c5d92e3914f4302ea83d0ac1b7edbee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
61f7a44a357707e4ac41fe146db79ce5

SHA1
298a70d5f1c12cd08e1c947fd96d5e8d1c89d44f

SHA256
1d33ee6daf8ec70c9b1a0994c8ba8a5d955707a6b2817ceec3d43160419b63ef

SHA512
1f86e4d432ee1649c7dbe53731a729655e54c48287fd7035d6e4871c054ac0751d90f90eb0cdbd08f734e1bea403cbcbd2871be9cffee21e53237782bae1da5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
20KB

MD5
d5e58beb8dcd64d394e632ccb975296a

SHA1
a4f2bcd9fd53b3bb661b633e51543567437e5360

SHA256
b1fc5dc1be73e739760a24b86a5d2340234591c3f8b75ef0ef7a935b0c27c2e5

SHA512
0464afd34699817e2c3c81d507f827a219d3fbc95fd4678f63e973e85085d3d78bca192ee9dcf6410b092b1f743ba0b0b5c2b3be9f7e816d2185c259b63726f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Synapse Launcher.exe.log

Filesize
1KB

MD5
d0813621cdc8f807e315d07581c28c48

SHA1
0ccbf04520bd7952a6b5c7291d5695a7de199a67

SHA256
9f870027745f2e032cabfee0ff863a7d0f29f9d05146b12292100115325ac7ba

SHA512
4d551caa6ff0dac2cdac8195046e7ecf90ae008c5b42e432d7e52c5a98f3370916a8d912607cbc49811b778093e8173a9032671a82f5f068d4f05184691cc426

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
850f27f857369bf7fe83c613d2ec35cb

SHA1
7677a061c6fd2a030b44841bfb32da0abc1dbefb

SHA256
a7db700e067222e55e323a9ffc71a92f59829e81021e2607cec0d2ec6faf602a

SHA512
7b1efa002b7a1a23973bff0618fb4a82cd0c5193df55cd960c7516caa63509587fd8b36f3aea6db01ece368065865af6472365b820fadce720b64b561ab5f401

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
62c02dda2bf22d702a9b3a1c547c5f6a

SHA1
8f42966df96bd2e8c1f6b31b37c9a19beb6394d6

SHA256
cb8a0964605551ed5a0668c08ab888044bbd845c9225ffee5a28e0b847ede62b

SHA512
a7ce2c0946382188e1d8480cfb096b29bd0dcb260ccdc74167cc351160a1884d04d57a2517eb700b3eef30eaf4a01bfbf31858365b1e624d4b0960ffd0032fa9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d7ef39bcf58785316a37b30e02e01b49

SHA1
f6086ec134e6e99e2e559e75c809ce0f5651b656

SHA256
a915fb9c638c5ba7d81a4dd9b848a6a40e205d47a976d8ada7c0faeaf25e1251

SHA512
13275c0b8795afb585b6e860245573af3db3e340cd2ff86d7929b7917863496f09cb66bbd193a08893eba0f427c034cbe4786573312c6c43bce9f67caf200448

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5501c955826eb6079bf48724d92b3b97

SHA1
21a76f072207f2142c0c8fd921565a2327d403f8

SHA256
6df7e5122f1ed8e02aabe231602ff338e4b928918d0e2ffd36cfd0f66457d739

SHA512
2c3c61a30e6a24601da1b845e0ca2a1129677c6fa6b69a8a170370242b7d337110ee2606a3a32a4730fba52e9fd773cbdf7eb94fa97c662ac3313c73d109efa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3ddff5a937f850870a27d5b338c22c3f

SHA1
bc17f910a3c9b7fdfb2f3e49e2750b3063fd25cd

SHA256
9638fbe84ca622c3b1b230727efd94ceb238d2e5d0706617b22db8155c855098

SHA512
3ead882d97ad608ef2247e1c6c3cc0b4fb39c7f6111091fdd225ce278a0f9cc61d1e8ed38c93b2a66353fea3a1822f69dd0e9372c5096cd4fcc0d61773ac450f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
32KB

MD5
17af549fe361b2cd9601d41055e860c0

SHA1
70722c8a36ef707dccbb1883556c3bcd9a0d0856

SHA256
a99b0281b3ac482c043b91077caaf54b92fa6a993e01843611c4c8bd2d2983a0

SHA512
2c9a2a6d99e6676c84e266c525dbe60d7b6c5e6c0879698883fbf71f114bdcb71e3f4be7e08d2be10a9ff776267ed51c141741e4e7f0e09ea3676ef188d8d6e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
85KB

MD5
f473586612a2ec46c1283b83d0f2ad98

SHA1
13736c2f38855dcad13dc182969030f530b4910c

SHA256
198a2fc4282da25478d8f1b7dcbc645b8f12cf131a26181a5fd33dd85fae89f4

SHA512
4a47e4cc8a8c73f3efc0162ee5548e7e8ed2e3713053d9bd6e754ea2de63b97b19c78b54b961c253edd6ae8853cc10aa197617f135079db9af139c3b56510880

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
b04f2d4ea454ecdd022638335507f59e

SHA1
4a61adca4b3a602c082d818711b6d8892ee13599

SHA256
ff58701e5147d4709eefa03c93628281fda8c7ad818fb5c5f04b1bdb04067f61

SHA512
465952e1219cb1c3941c4c034f7863c8e7c3c873c64fa1dfd3957739c9cc7d40bc2c13fab5e92f3f4d80400d79005f1240e5a0085b13b49da4e4767924bb7526

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
f7824e645a3a2205499c07f9e24312eb

SHA1
7d8d9e796bbe61f34eb8d2ce36f6fb111cce5166

SHA256
3c133aba5d38a087c87d5c8cef17f62819ba54b47d8a938bd4f3482f181d6096

SHA512
57c18869675ae6f1d133985a6b9b9f096bc4729ba2a13d919d004ca7d67d61f1a10fcb6d601ce535b4db22ce15ac20de6573fd73a2639bf1f45432c7314f819b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
2bd75428b71bd4c94bbcf7accf52ecfb

SHA1
dff9fa395fba9184b60cd3cb409a9dfedb806281

SHA256
e88bd6e5658595083b2a3959681f2f84144cfe049aa99eb2248e964a1f4f391b

SHA512
8ec0f95f597adb6aa7c18ea4ef80a0abf35e5e3cd821d8d5f93f397240d23a99ad8f201a7d3e12fb4a8909dc9536d3921b23e2f009ff8f4ce634dc5a97c5d26c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
592e2d70a54f3263b0d459f1dd7d0ba9

SHA1
b7caf7a9ae87524f2b58d61e7a2e259e85f8e45b

SHA256
cfe9269b7f6680078e2916fe189a76f0396b86419b7fb9af36600ff9febfaa0e

SHA512
f9087759d66e41ad6634cf72868a1ba480913e6faf4ff46e2145005a1382eef36229ab12f0bef91840d79655d473fbea1ae80aeaadac4c209cbca8f3ff464e90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
a62f7b938ec92afb3e6236c603ec5e7b

SHA1
0418817da889fc38085be784580ef276e8961c90

SHA256
33137b26d066bc610534a417b4b809778ac02fe2f48929f7afa4daedc83cda15

SHA512
7fe3c3533ceb83392369f5997ed33122be58d265103f217751eabf0afa144361592a28840a2387e3883c0514e9cc73a4fbaaf443ce998564c3585202f7be4463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a0424d844452425e4f203781f56662e6

SHA1
fbf7cc311f70fd6a61cd5c9bd68248bafe44d891

SHA256
cdc65ff5e914e717ab85182bac738f7754827aa7f828f96467a8b3f478d0affa

SHA512
7408ab5545a31a711d6b946981ca162f10de9c9bd56bf709638e7fc2b7fa2f1d8b703fbf4ca67b37b7d505dae5f629daa3adbbb86dd22a19798d0c7952686d4a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
17e2e16a38f4fe1f678cd256b7206ea3

SHA1
42d6a7f58529b629cbc62b13d8e7c9111d3c7185

SHA256
2cd48bec9efb41802af2017de59bdbe37b5a5a52d666ffd5eee791a8e6b6d2ae

SHA512
9ad2ec06e7a7e48097e4b9d90680c1b70f19f5b5f43990c2bca88d061cc71d3dd5f096eb196a09fdca82f421c7f980c8b94c8e3c5f679579c736cb2431315cff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2d3a2c1f2a7112cba365b76ba288a71a

SHA1
e8292c39bf09ba033bf173caeed07fee1eee10c3

SHA256
e77d5533129baefa2715b08bbf37f462d654cfded8cf936cea6e468f256547ed

SHA512
4f65fc872a777ae549afadde361192aa1b9b65d76e2548c7e739d671578e61dc8ccddeb1877a5371a19ae54d1ee282c7b066dcfb554be66dfaa69c7f6a59e378

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0c7bdfe0f6d89637cdcdb8c81b683f7b

SHA1
0011a07c696b5f8670902ce700463294a9ed1ea9

SHA256
640316d1508adad2ca37013f50ef19b7efd817781cd6b6b9e3fa6d2801301a24

SHA512
b9cd71d7f5f24886573bb8c6c6baa14976df5c76b3b6949360830215fb760f295b07844ae139bb2d5de90259e4b88ff8ef82844d327a9f5c5a3c3e6508f71c66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
160da0b3c9003aae95d7aab0824e9387

SHA1
4c3b44332542319b9d2e46c4b0270656ab90cbdf

SHA256
98d5f5a42f9c8ac88a54e8a2604518ea2ae673a715ef6c6c2bee66db5699c033

SHA512
1bc802e10575f2029433eeb793de1d0e26a1a31927e538a189b8682a4210172510775515c778dc61ac0864b5064ff13917ac0ed29f75dc2f9b37c31f9014297e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
90f29a847c9ffe0160be845e9e8fa249

SHA1
0169d86bc5d38564de84cf764c0b066acc053b97

SHA256
0e2e5f8417d94503bc0cd794c3f169f3b49d85dbfae412b8602266ddc4f28f07

SHA512
0ba1877a65b89fa61b4f937005a7fb1bf5ce8b0eed0ff52b1a0236b4d62a4fb83cc64f012da45c1fc2d4553618f366372f4aad0249172279ca646d627bdd24e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
370B

MD5
59840af79e63852c7969a216d33e04e2

SHA1
520bc5263539a29469e3a269f81ec94b480b1249

SHA256
40d43e9c088f041396c534ed2d93af929b5df2f4338553526e0f19ccdd8f46f5

SHA512
cdedfd2cdfd21bbddb422aaf979f2db19cdf85f00a69915bc18b51a3405affe63993fe0f11cbda9ad80dd7737c4efccf61cfc721eb7c18c2c2f1c5f7a6e1f8cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
2bbc85b109f8c21874b5e63f0f6012d9

SHA1
9331c56374da54f87d7f8ed6cdc985ebcfc42b4c

SHA256
f5c00771ed53a3aa96fa2b4178f7b710f66c435985653c522088893c7b289bfd

SHA512
a3bd617742e2974b39404366c581dc0599b479dbf6ae32d65f86e41ba3703be6002643b40a218b9a4513e76cc81b9a1eabc0cd6435b090131b2e1f64875a149f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
15fd3e627ed8412076771910998c2ad1

SHA1
bca9f25111c1729787a115ca5a8bb2da3d19b80c

SHA256
03690355b081dce1706fdace28a08fd8348983a9b32bab39375f3e18d1a97f14

SHA512
722668f65a9631c82c00a7527870ad858d0ec81565588497e8266082702b650ddbb4be042717cf6256836c7ede988935b5ef10b5dbc4f7bbb82ec0de1ac0154c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c7540eb3d7758eeb5f6466752ebf38cf

SHA1
40e156fe7b4078f3c560195e16993f4c2a82621f

SHA256
723115c1dd40bcef039cdb30b1a5cfc94fc0149708a181e1c5b2245f53e440e8

SHA512
0d7c0625cc6517f62ffdcb3f93a828a5e6672f2dbb1e4352a3fe30c991ef362c6979750582e64b072d43577100cdf7c95ca857674534769d341153ef297736bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
53534477e839b9c5491545c49c3e5d27

SHA1
24b29bfde45215078e24d0e1c3154c78673dc6c7

SHA256
19a8cc2921020696ed66d92026805cc4ab4277a4c3cfef43e333dd8fe790fd46

SHA512
8bb0d93addb631d7ba0699843af4d57859aeaced06fcf10c15bc4c6adab2536776d973ab2ac21da86826cd81dce75e5641a46964eb4b4f644086959be8c7380a

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\SpiderBanner.dll

Filesize
9KB

MD5
17309e33b596ba3a5693b4d3e85cf8d7

SHA1
7d361836cf53df42021c7f2b148aec9458818c01

SHA256
996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

SHA512
1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\StdUtils.dll

Filesize
100KB

MD5
c6a6e03f77c313b267498515488c5740

SHA1
3d49fc2784b9450962ed6b82b46e9c3c957d7c15

SHA256
b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

SHA512
9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\System.dll

Filesize
12KB

MD5
0d7ad4f45dc6f5aa87f606d0331c6901

SHA1
48df0911f0484cbe2a8cdd5362140b63c41ee457

SHA256
3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

SHA512
c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\WinShell.dll

Filesize
3KB

MD5
1cc7c37b7e0c8cd8bf04b6cc283e1e56

SHA1
0b9519763be6625bd5abce175dcc59c96d100d4c

SHA256
9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

SHA512
7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\nsProcess.dll

Filesize
4KB

MD5
f0438a894f3a7e01a4aae8d1b5dd0289

SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6

SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

Download Submit
C:\Users\Admin\AppData\Local\Temp\nssFC9F.tmp\nsis7z.dll

Filesize
424KB

MD5
80e44ce4895304c6a3a831310fbf8cd0

SHA1
36bd49ae21c460be5753a904b4501f1abca53508

SHA256
b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

SHA512
c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

Download Submit
C:\Users\Admin\AppData\Roaming\JJS-UI\Dictionaries\en-US-8-0.bdic

Filesize
436KB

MD5
0af2c2ded404eafedc91003914dc1650

SHA1
1ffddb9c1958a872401e906928934a34529b7433

SHA256
1ed02f55bb7a2689704b7995f0f7953fbcf9bfc7ce7f7f178168fe58f3481575

SHA512
60294b1ec4bd71c328f0aebd2ddffc6d1acb24be783d939b35ec059053f407b8c2d1cb8b082d3479ac1a12b87aa62e0055695a43b205e0be2aa7da210ba41526

Download Submit
C:\Users\Admin\AppData\Roaming\JJS-UI\Session Storage\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\jjv5conf.json

Filesize
37B

MD5
272d5b39896b5187819716769533a3a5

SHA1
137450dbc4b8828d4f2c04c5ca33a266edf62aef

SHA256
48b4c0e8fcb52d2eb9d42f188b023652f35c12dc02fa0890f1d341581ad220e8

SHA512
8777dda2b2389726642e20a7cce43f59e6d9521ca54bbb2eab40e05e0a24d5f3b6612dfd561da986d1356cd80bcde95e6773c4e642cd55cc59bf49c8f3a64b04

Download Submit
C:\Users\Admin\AppData\Roaming\jjv5conf.json

Filesize
118B

MD5
336fa00e435cccf816c8234fbbceff66

SHA1
ca63aee89d840d884ec9cd9dbb98b5c8585183cb

SHA256
e7e75c4c295c5f82e19446a3f6abc549bf4679cca4421492852be49762de2234

SHA512
d757f45740907946cf7ea2c6d13144cfb78cdb7647ced39b3acfe79e93f6eccc8d2a8f2472f4665eefeb4c71416be1a85cb82a8ef273472d85b9c1d9cf973193

Download Submit
C:\Users\Admin\Desktop\README.txt

Filesize
187B

MD5
dc2b17ced7f566c8c8fa76e76388100e

SHA1
85834c3ffdb8f58736da81835d2fd4612d729607

SHA256
5e546413b92e3b07cc9bde569a8ecfd9fcbc6c5ff0a65608c893b927b8aacde7

SHA512
08d003f8fe6893cc5cab1ab1a24dee0bdf6b44c024a630764770cfa66861b17dcddc82cde272241532e312c55ac432f8242c8ed14810b927e45a2c58ba7b4578

Download Submit
C:\Users\Admin\Desktop\Synapse Launcher.exe

Filesize
788KB

MD5
20e1eb6b9b733bbd26ac8be5be603de2

SHA1
36beefc2467d94b5ec9ae843b2bb099898581bed

SHA256
73af760ad2ffdd931210079ef4b719a1a8c41a864e7d0a39faa5c1783fb140d6

SHA512
d486fc560f0f6d94428b58ae041a17053659e78c49fe9154ca9e642d692da43aeb7dd3f03b1aeb428ea398bdbdfab743960c2f0fa885cd97bc31655be2e42e0b

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 45079.crdownload

Filesize
1.8MB

MD5
f8ed22f5bb54f2b4906b602e55ab56e1

SHA1
9a4f59afd6974802b2c6f0ef7d3d5c4dab3db832

SHA256
0ebed279fa0ecd6d549d1ffd92c863769cfa29c38daad73a8e668575a7efc57d

SHA512
8657561baece0f5ddb15020b166e1ea8b6787188084f1d0b522a64ab39b60382d12b88df98fbfe53ae54edd6f9b1eacb1fadb6be2e7458eac2b73b7e99468cf8

Download Submit
memory/5468-1473-0x00000000097C0000-0x00000000097F8000-memory.dmp

Filesize
224KB

Download
memory/5468-1474-0x0000000009790000-0x000000000979E000-memory.dmp

Filesize
56KB

Download
memory/5468-1472-0x0000000008770000-0x0000000008778000-memory.dmp

Filesize
32KB

Download
memory/5468-1471-0x0000000000CB0000-0x0000000000E86000-memory.dmp

Filesize
1.8MB

Download
memory/5896-776-0x0000000000840000-0x000000000090A000-memory.dmp

Filesize
808KB

Download
memory/5896-778-0x00000000052F0000-0x0000000005382000-memory.dmp

Filesize
584KB

Download
memory/5896-777-0x0000000005980000-0x0000000005F24000-memory.dmp

Filesize
5.6MB

Download