dcf6bfa9392179f23ce11d1fe78325845bf0d1a921b720ef3cd7878020623e42

Resubmissions

21-06-2024 06:37

240621-hdgsjazdrg 3

21-06-2024 06:35

21-06-2024 06:33

21-06-2024 06:30

21-06-2024 06:25

21-06-2024 06:06

21-06-2024 05:55

Analysis

max time kernel
149s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
21-06-2024 06:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

steam_pfp_1.jpg
Size

5KB
MD5

db49c318451e36edef4137e52013da0b
SHA1

672212d918f7a67e9667efa50742d30f86663cf2
SHA256

dcf6bfa9392179f23ce11d1fe78325845bf0d1a921b720ef3cd7878020623e42
SHA512

5688a951972310da828bae076187e111adbd7670a8664a40ab6c26ffd4a85243a7c6a22c5482e889b8d058a0826c0654fd855035393a2ca747c4d5f2700f2e95
SSDEEP

96:VWLxsrCRz/hrzk1aCJCUvY6gkBMmkSM8AkxudbpXSG1i:ETRzJ8DJRf3RxJYxpCyi

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133634250410089281"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3084 chrome.exe
3084 chrome.exe
7716 chrome.exe
7716 chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 60 IoCs

Processes:

chrome.exe

pid	process
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe
Token: SeShutdownPrivilege	3084	chrome.exe
Token: SeCreatePagefilePrivilege	3084	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe
3084	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3084 wrote to memory of 2772	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 2772	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 4776	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1288	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1288	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe
PID 3084 wrote to memory of 1068	3084	chrome.exe	chrome.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\steam_pfp_1.jpg
1⤵
PID:748

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4168,i,1697479186275492802,18058102846092193784,262144 --variations-seed-version --mojo-platform-channel-handle=4572 /prefetch:8
1⤵
PID:2404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffbf7cfab58,0x7ffbf7cfab68,0x7ffbf7cfab78
2⤵
PID:2772

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:2
2⤵
PID:4776

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:1288

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2272 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:1068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:1472

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:3096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4288 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4464 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5140

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4588 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5172

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5432

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4508 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5488

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4868 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5736

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4724 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5200

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1804 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:2032

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1752 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5448

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4964 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:4456

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4972 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:5660

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5208 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5164

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3224 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5856

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1948 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:2344

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=1600 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:1724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5528 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5468 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5452

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5400 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5780 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5256

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5800 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4592

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6140 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5404

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6284 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5908

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6484 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:3320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6524 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:3508

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6652 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6868 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:3400

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6840 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:3540

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=7320 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:3732

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=7312 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7336 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5764

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7736 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8004 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:8
2⤵
PID:4028

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=8092 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6180

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8260 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6260

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=8444 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6412

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8576 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6484

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8740 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6492

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5944 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6796

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6884 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6940

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=6024 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7088

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=6096 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7096

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8980 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6632

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5988 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6628

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8376 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:1176

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7788 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:1684

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=9312 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6760

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=9452 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4232

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=9476 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:4592

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9500 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6880

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9528 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6892

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9532 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6896

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=9408 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6888

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8480 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6912

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=9432 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6920

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=8516 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6932

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=8440 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=8896 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6968

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=8752 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6980

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=9012 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6988

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=9084 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:6996

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=9560 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9584 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7008

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=9592 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7068

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9620 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7076

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9636 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:7084

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=9660 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:1
2⤵
PID:5832

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9308 --field-trial-handle=1840,i,4640060972507142279,16991807541594597627,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:7716

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:428

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x378 0x150
1⤵
PID:3984

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
Filesize
69KB

MD5
921df38cecd4019512bbc90523bd5df5

SHA1
5bf380ffb3a385b734b70486afcfc493462eceec

SHA256
83289571497cbf2f2859d8308982493a9c92baa23bebfb41ceed584e3a6f8f3f

SHA512
35fa5f8559570af719f8a56854d6184daa7ef218d38c257e1ad71209272d37355e9ad93aaa9fbe7e3b0a9b8b46dfc9085879b01ce7bb86dd9308d4a6f35f09e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
Filesize
326KB

MD5
9d49c318d858059ef14b999577d0fd9e

SHA1
25693280ecdf7ff92ead0f741d4a0133f9afcf0c

SHA256
1ec31c82dd97bae431d252efaf380a84f58bddab55033051374413d962dea9f1

SHA512
d19e31b33ca6323bba48dda581138308efa52e820f4331af925462681d8dbf777ca4f17ea9246b83b907a00eb8ddf57fb1256b531c08d2a277a030154dd1d20a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
Filesize
133KB

MD5
c72e105574be1a4f8f65d8217646fa5a

SHA1
5ba2984660ecc5f6fd34e9913f08de08ebef6011

SHA256
bc7fa3e2c7502e3cf3f4970d70246c9cf1bcb5ca88e97d91e597c8bafe8463e2

SHA512
da5e0b485963e719ff4a860d27127430660f2cb49c55874d0bef927c16284af7f90a36a1bfd9857437140819fa788e18e8167b22e78011468032de89f70e0864

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c
Filesize
19KB

MD5
3be2e9c4c58e18766801ef703a9161cc

SHA1
cbdc61e9fa2bd8c4293ea298a8aab94745e57f2d

SHA256
1c3f11c5ba6d3d5e0e1e88a3de6c27a16df13833470a19c03b04fb2f99dd5d57

SHA512
2f1a71f1fc17e79ddc1c0ba0be697fdc1641ee38604bd0c424b6ab702f008f9fd3c57f22ca959cea1f1de368016b258027190c279637ae8838787be366e40ec0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
2KB

MD5
956d618150f267a693d6b108e0ad6c1e

SHA1
562d0e039bcb66834c0be4d9e528bad38eadb936

SHA256
65b47ba9c8801d09895f16f5321dfabc79ccfa2409fe73134bb1894e75d3eadf

SHA512
677db287f16e2f6d4ec7a0e2182af61d06a07922bffdab6e8fd90704c66b028eaaa110b29a09a372c04d38ec25c7b1963c613400c133772e422b2a7aa4ca9e63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
415dc9302fca99675274a0bae7296865

SHA1
fbf3c0594fafe1e3970ca2cd98550e8dbaaf4a97

SHA256
028f7417611d7b1df0e2bbdc9820e10c73e8573bb5d5104fac4c0b996c2ef919

SHA512
d448d43bc2d6cdcccee10c0acb3df7a8f3ce5c39e003e35d3c1575054dea4eb922aab1a3c1ae2c8e9c8a5723fe69919717fb05474e74642c377cd07eccb7a287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
19KB

MD5
0ab17a44d3157f45fa78f661b3bc8236

SHA1
d310da5c1fb6d93cb42dc2e145038f56adbf2b56

SHA256
7b40eb5cf134347df897a1190f4285226bbc0659e3eafd5e26c4632f19e50569

SHA512
d43a26de16072098cd6fc97fa71d893b4c76d86d1f0c6ec52c1d3412f0bd4f2a16fb8f8b57cbafc382e70d73e4c74fe2858e37a0c06c2e9707a5ded911029232

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
5667da260b323dbe306e7a092cbc5665

SHA1
9109d6dd80a98f68c47ff3de655e04065dbe9508

SHA256
6d22b9519310b2b0025f5bf94526b947719e2a93dc65391bb69757428cf618e6

SHA512
55e095c4baa2d1d6a62bb247243b343b9b140a135e60586b1cc81b1bead4becb4c0a234e001cb46f02c8316f4cf82aa28b00ed5c224452cbbf1f4f7913118504

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
6a8c1324a5329177ff87f3d13d294adc

SHA1
114a9ea68b590ec5eeb09eaf118f1cedc656024c

SHA256
a5b85d3758235e028b8a710221681ba47480e444ab450f114bfa77bbeaf5ebc7

SHA512
58a9b92e09f0cf6cb93f9f3ccddcf6ddaeeebe33e0ba4352f2c9af16bdee1d141170630d6576c1332224370fbca12db5182a89076c576fca7078f30e624657cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
356B

MD5
307dcb795945806ee0a3d2aff7dbf4be

SHA1
4a78c6c8caeff9b48db587d04e1868ac872659a7

SHA256
8e2676ea3cfcc8d81ff11122942ef995e955a9df3df691cfe0bc84fdd442cfed

SHA512
c3237176f4726c56f6202ce8ca3184b1da3e060935bddedc94e0e34d37906878b981f8c53051b30840c5913eb1fc893783bb11c046ff1875967bb6a5bb80866c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
10f15d75f48d365dfcd799f742567522

SHA1
2c3ea1e8605ba3d27cfc3914fbdc1a67de54d313

SHA256
b752950c890dc0c64a5ebf10d7c7da73dc53f479bdf13ec48f3c7007ec76b493

SHA512
cb866ceb73e4402dc19a6e623812e664d50f37cf7bcf952ffd3151186649e7e1be7ddd36f9c31d1274999bfdbe84eea6ae2f261ac410d6fdfe110fbd3d009eac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
1KB

MD5
29c68ec8f83bf668971cc962eb11fa0a

SHA1
c95c0c3871e675bac7e3b2b1edbcc21d1071e11a

SHA256
bf4371f9b7ee6b79958b674129e0a9a3f67d3451520340dfe85df1c978bac816

SHA512
fd674febc1074dc7478720803c5523e281430b5f2f4476b8b8c09b6f220a8cb0b58fee68fb5284815507879f98c279baee83d014ae9bb0520e9fe33af9457566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
2KB

MD5
2807167b8d26d678c26e9103cf36b814

SHA1
ff77b3cd97f9fd53b4a4df06d31bbcd39c49619e

SHA256
e838c34836c58e96acc1bc249fa0f97532a594083ed5abadf5c038daa0133bae

SHA512
5cb18c31b1d8828e262f2a556898c90959275320bc52180ef61812f8c0b38a9b38b2130249fe936fcb32493f96c1df4049eb64364dd90aab346547dba7c0cb0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
54f0d39107443d07ec3473bd2931f742

SHA1
073e2f06a3d3bf748d7fa5391b68b65ed8019f27

SHA256
304c6d036265450f92a4a6389a6377c61ae650e83cb81ec0d39392a37e804b94

SHA512
2c25b7e383545da4da4d5f51d6b899d404bf730c6578d71e61253d9776dcc23b87f6157f82f47fc9ff2a8112e604b872a1ecb6a93a96b55af30260c88982ea4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
5KB

MD5
ab296c57cc149ac82d025fdb06ba7c09

SHA1
5b966f7a54aafb37b12f4c026b42d6315092ee9f

SHA256
0628a2ffceb68ca6439effa56d8b5de7cca58d67c3742f944beb921c256255c6

SHA512
0bfebf2bc9b52fa05fe8cf90becba26bced53c88e42deea2ad1c83c7208d4c47b69a5d4685ccd998d52818dff744a5048fd15d77e038915a1dddebea06ab3769

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
81d878a4817274caf95469df16d1c164

SHA1
e55d16c2b49e9818736c1ddaeab21d76cb903d51

SHA256
f325d2c44f867de4d71802914f27c2ad1cf2fe5deabcb3c2a46695739b38c62b

SHA512
5bb61694f8a263ffdea07ed86f83509b163e20ba986facc58367111084f08d728f2a5e55be35626ae014ec3299869baccacf290c30c1fd71235acf59dd80bfa2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
786ef3dd91c8fd507a018ba12badf24d

SHA1
604448f2ca84e3ed8fbea94f951515eb1775cabe

SHA256
775b0ddba613547f7fad0bb566f96f28a7acb2a196ca84a855cfc84ce5df5492

SHA512
aa37754662d1b095382bf30af606ec037a33af5bc74e00a25e465b1762807bcf78cc12154866206559b64c789c541d4e17e0657dd3f43adff6f629bc25b1f48b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
57837e149cc750e0a34dc9c72be110d3

SHA1
b0862922517930d28c03681ff4f988ecf850c8b1

SHA256
b984b911024e35abf740e0c4ba9195ab11c887bf8662463f26bd11b302aea129

SHA512
066929d3acfc6964ec43da5a9c4c0aa40280ae78031d56b0e93a5368a5846ca597b88427dc63132d3e4711b328297c6df38870b50fbf0519efd2647af99637f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
7KB

MD5
81945e0c0f6610c17cc14c21f4f6fa19

SHA1
0d9cca03ee7e4266f4299b3d188a78c470813e60

SHA256
d50a2f1348687ccf706c7d4d0b9de6bc123defd71f457832c44fb41d38515514

SHA512
4023983ab359e59cf0bfebf9766adeec819d73efcc0a56ede02778a335e9cb26c2d6e344b8a6438340ab1c241f35053eaf5597e46ff40e7321793be5fb200464

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
b8fa33d3feb285a04a5941a4fbf39a72

SHA1
1f1d0aa752ca8e12c621032b9539d7e4ab4b5979

SHA256
c6e36b979dd852d9cd632cec0443a8f3dbaa0cd86fa387bae838b491d7379342

SHA512
d36bdcc4f824991ed2e06de20bab82d617dbae0fa5c99586c0f1fa2b0170fb433447683ffe6a7b6308a8a1e4e4062a7d3e5c0e3675d556e175aea39e90db00cc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
16KB

MD5
5052233231fae0362231bf2ea2ba1ec1

SHA1
7c30c7b77f647d47f2f4628a5221f9efe5150db8

SHA256
3c791ea2bc4a60f8296baac0fb1139f5301709f0faeccdebb34d0fd3081bd0f0

SHA512
e6c8b07243c4aeb192efe68eda164e764ca372b0cbfd20cc139af95e2ce5c2d6cfd45bea4c897b23a4bf23d10666fae270c5c69119cd8404a5b9418e30ffd9a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
270KB

MD5
9e3ad3e1f6551c4b49885de2da59643d

SHA1
d165f54aebf77a0e549df662ad498c78cf054024

SHA256
34f8dcbc3def9054319477e2fac4397492442d88fb46708f73b4331e3def8c77

SHA512
a743da146291cd592746dd8b6c3e380f0f0c402c77bd29e23e148957e71d4a10569f2ee1577cb04ac69de5a082a3ceea655537b23e04c27d2ad2df64a0575458

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
270KB

MD5
ba20d7cea839538380a98e5d6662e3fd

SHA1
9c771707acf4c9f716760f46c0a12b1075fcde9c

SHA256
273cc1a63c798366fb1c3d980119c295af86e0dc7a14c16299c416cd812cfa01

SHA512
6dc10ff6bd938c7fb151b806e9cb6587e22f21229fc8054330108231beb8842b6064f88237848c1e2ce44337cedad50c9e6ec4f4b1cc92e2bd27cdf45edbbf95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
Filesize
91KB

MD5
bcef50597d6ae1426492c51ddbdb8d52

SHA1
077e45be73f96937bbb934468c8e8b515c853cc2

SHA256
64114b639784ef21797c8fe338b98d78bc95a2778fa6363ff57b5efcdbcd80c8

SHA512
135de1f1771d327e6e2db1d2ea2a181fb63140b0dafa04a32dd1bcaec379eba6626006eef3cf3e966646d336a7041bfc35104e59880f736608534b10aa919449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59d8d2.TMP
Filesize
89KB

MD5
85b4ac2e98bac137356c8face43c9ad3

SHA1
e380ac9394ceb4d21b8cf3d5e37410a0b799a790

SHA256
47e3d8cd5b43ab96f54e324b8b7655bd40272a5b52b9b6f6ee3e040183cb7353

SHA512
c9fc08ae438fab6ba96265c708356775fedb97a0d1c8c2b4df63af01c0a3f15daef0929375c7e94aeefb6e9dd238c1b1156a1361c72163309a957250ace665a9

Download Submit
\??\pipe\crashpad_3084_BZRHBZGCOWTQWHTX
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit