hxxp://waveexecutor[.]org

Analysis

max time kernel
1050s
max time network
1044s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 21:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://waveexecutor.org

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643429550024858"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3558294865-3673844354-2255444939-1000\{F9036844-0882-4F72-AFF9-E27FB3838FE3}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4976	chrome.exe
4976	chrome.exe
8068	chrome.exe
8068	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe
Token: SeShutdownPrivilege	4976	chrome.exe
Token: SeCreatePagefilePrivilege	4976	chrome.exe

Suspicious use of FindShellTrayWindow 36 IoCs

pid	Process
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe

Suspicious use of SendNotifyMessage 34 IoCs

pid	Process
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4976 wrote to memory of 4592	4976	chrome.exe	81
PID 4976 wrote to memory of 4592	4976	chrome.exe	81
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 744	4976	chrome.exe	82
PID 4976 wrote to memory of 4952	4976	chrome.exe	83
PID 4976 wrote to memory of 4952	4976	chrome.exe	83
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84
PID 4976 wrote to memory of 3936	4976	chrome.exe	84

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://waveexecutor.org
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbcb31ab58,0x7ffbcb31ab68,0x7ffbcb31ab78
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:2
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:4952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2148 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2984 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2992 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4140 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3260 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:2972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4292 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:2920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5048 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4420 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2092 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2184 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4700 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:3648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5208 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5304 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5180 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2528 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:3396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4940 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4424 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5304 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2688 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4304 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4688 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5528 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5480 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3912 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4412 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2696 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5452 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5528 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4700 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6004 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5856 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:1752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6192 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6336 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6508 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6680 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=6872 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7004 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:3376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=7012 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7352 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=7328 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7616 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=7844 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7812 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=7984 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8352 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8388 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8656 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=8848 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=8996 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8336 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7980 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=9328 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=9508 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=9672 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8660 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=8188 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=8152 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=8164 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=9524 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=10380 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=10416 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=10552 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=10368 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=10952 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=10888 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=10364 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=11384 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=11692 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=11828 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=11844 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=12164 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=12292 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=12104 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9100 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=972 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=2736 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:7192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=11832 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6168 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:8
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=6292 --field-trial-handle=1832,i,11995520389711392661,13365609922887562098,131072 /prefetch:1
  2⤵
  PID:6632

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3324

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x49c 0x2c8
1⤵
PID:3020

C:\Windows\system32\backgroundTaskHost.exe
"C:\Windows\system32\backgroundTaskHost.exe" -ServerName:ShellFeedsUI.AppXnj65k2d1a1rnztt2t2nng5ctmk3e76pn.mca
1⤵
PID:5916

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
211KB

MD5
151fb811968eaf8efb840908b89dc9d4

SHA1
7ec811009fd9b0e6d92d12d78b002275f2f1bee1

SHA256
043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed

SHA512
83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
69KB

MD5
2280e0e4c8efa0f5fc1c10980425f5cf

SHA1
1d78ccb26fef7f1bf5bf29de100811e1ac8bda23

SHA256
b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74

SHA512
b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
329KB

MD5
ca23e93a4620c335a26d9b9aa591c48d

SHA1
36e5cf8f286263f7c863b46cb26ead72b3ca4b80

SHA256
e56b308fca4b5571290bd5f4bb8376393f4e304c9737a90c2181dc1c8d1002ba

SHA512
c48a9567d0ca27382e86420e4c52fef96a6850790fe1017407e27d6be8d5d4c4f2eba01353b7126973edfd7430fbb25efd4e94cf72bbd8007284d3c8ad517df4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

Filesize
105KB

MD5
f94a23999ded29172d782cec94ec200a

SHA1
b53b54c31b2d8267e57e900e05d7256cbee8fdcd

SHA256
862a9834102c10710d1d031344cdf5f42a1fac732893d18eaf42434d3df5a0ef

SHA512
99147f93bfb2abd8b79db780adfc3132e0844f8c4f063a513e7f6810416bdfd59cfe09299cea70bca2162f12b514edb2776162feba372915969c058611408200

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
19KB

MD5
bb30ea3b46964f49ba85f475efd1fb6f

SHA1
1bb4aae7781af8b933e1dd4dee56879a3ef92d38

SHA256
7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6

SHA512
bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006f

Filesize
62KB

MD5
1721006aa7e52dafddd68998f1ca9ac0

SHA1
884e3081a1227cd1ed4ec63fb0a98bec572165ba

SHA256
c16e012546b3d1ef206a1ecbbb7bf8b5dfd0c13cfeb3bdc8af8c11eaa9da8b84

SHA512
ff7bfd489dc8c5001eea8f823e5ec7abf134e8ad52ee9544a8f4c20800cb67a724ec157ca8f4c434a94262a8e07c3452b6ad994510b2b9118c78e2f53d75a493

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
e86f72d9d0f5d4cc33b8d181a32603c6

SHA1
431274ce0d241b6a7cb4d1c6f253ce6c2f7bec99

SHA256
1a0aac2443eaafea929631d5e9d3c3d314fde2088e4960d98b842566e5ee592a

SHA512
a55df55a4b04f6f6db1f57361faa40ed75eea2657e789af81cbd42b751818db8429ec79c3857630e1afcc9a0cc8d1cdc94b29e9d60368450c99fd463ddb4e3df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
c29417a718c4adf16ac6414f6ef2a75a

SHA1
aeedc89952f41bfea735dfb083c31dadc8760476

SHA256
628d4f5563e292f98e05f4fa5ee152d93a6c8d5763b454677a50028b9e62e07b

SHA512
78319c799c81dcecc5701e7412d2fb67d8942c9896e054fb10fccb3b74d78f04ef47db37b03d705e488864bfaac830cb12a4019cfc4e10f3265678c695998de8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
819df7d90a495805e2946aadf7c536b3

SHA1
c680f8db396838c87b0f0846ab3f36e60bf5e732

SHA256
252b3a882526055ed854ca854cece9650f3172ac0c42d1d59afe2fb023da5bf1

SHA512
b1377f87cd1239adac6808734a7bdcbe3dd9f853ba17e6740a71e76230c8e792a6615ecede614f14245ef992d0bd27c8e42310f948eb1a96c4128daae11585ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
192B

MD5
31b36fa2002a864f53cd2911b2215478

SHA1
60754d3a17cb242df65f54bff680deacf45e976b

SHA256
2ea9f9060450dc012230bd8749dd0e50152b010fd783f894256a0578b9bfe8e0

SHA512
5cee6c5a944f79c1c262a6c369f3fa9b33ec01814352f156c8b155532d2e7405f2efdd721acccc69b371fb0a65b916fb1bf3e2d6064c722468fb1512a3674532

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
20KB

MD5
35c3390bce1486a9fc4cb34d55f6a2a4

SHA1
33d0908077cb4eb973fbad091b74477d1b9f0525

SHA256
51273c9cd668d1720a61b533afa06c0b918e20982f4287b1ff80a0586594e747

SHA512
709b88d567fd08ef315b5b7d9c0568d6d168c503e23739afe977fd1a5699997de49ea24009a9ed65f7bc4a18253baf602258a50b9309c9e75b4e458602e66eaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
21KB

MD5
b6607b3a71184378a09bc43ee30b3f73

SHA1
fca2821191a59962a9e0330ac0d60ed7d38da636

SHA256
2c508c4a49cbe0447f3be82866f1f9dee15fb59a817a5ad03d95b963e09a8921

SHA512
d9198c4038c08a00b3aa684a8167a9209310d71bd933b077e91b4c7392d83d670ce6eefa8d62ef424c16dbecb77287aaa85c0516287cc5b73976bfac71c74c81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9c45d4ce0b3505e3d055fe201ba20022

SHA1
2e8e09e2a329756bbf35624bfaba99915723cf27

SHA256
e185f770731283945e8c76d88e8b1b6fdcf63bfc6210bd4a8c7ceda7b8c1fa12

SHA512
79002fa0805f60029cc0ec857fb70693ad03eb0b807658cfb1c25a3fc66a346d49c31447f77c8716780669fc9401641e7e5f4eb600e9a40b4ab2bfea16248cf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
519f139baa6563f1f598fd123249ca64

SHA1
5786676f4ce59d175d364f8bfa710a963e230f46

SHA256
510bfa5df7f745acb08f46a8a52e03d730725cfc8b69468cfc2e4b8ea29fb1df

SHA512
9df224c8ac1124af1b50f3a2c90d3c61b88a3ce379cf4db7e6968a05be8c7f31e5e5035e00b298a7590d12eb696235c572f2c5e6243976113459b48db6596013

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
901577861ee6f7706c1751ed9322e936

SHA1
0100a6081260ae7f3b06985a84734fa179727571

SHA256
a6b5980a2b85d2ea03dc2309a9a4cb5ed260ec36fd81678c8c037eb8f101c242

SHA512
8f2ade6c1e908e23085657c5e1b1a870ec4713a7dbda454f3486e769a2c0c9afae7e3b170de335fcbeff4f2b294ef3c77878771a8e27297dc852e360ab6de968

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
83ba04ca2a4a709dacf564e3faac9f7b

SHA1
04ab026be695fe69ff4ea9c1c7189e5e460ce451

SHA256
8c4d631a91d0d302b97c45e311cded6554b15545df7d681a8065f76fb84557dd

SHA512
c6e47fc1deaad8c79a38789bfb053aa3d27fd23a84db06b081bc4b5237eae169fb209a9bd6e3000814c8fb4645bf4991770e216c80427702c25c968cfc68b557

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
89a89061743386876ba1106b84055983

SHA1
d4725007f41f34b765c95e97648898e81e941a2e

SHA256
47e16845ab21116a2fd6f770e9c16e8daee3bc925fe8bcc948a326c7876c2463

SHA512
27a5ba37dc8a6a7793a340296f42eafbee798aca430a9e8d85d501ffc16ac36cb434f3e0ef2b583f44101aa621009129bc60e17188ee4cb08b4d87ab25d0e288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
6e3617d2cc32fc3d0fb4955a0d1b2960

SHA1
2b6f4109e04645f424a4900ebe68c7eccaad1a30

SHA256
b1f05ec4e5d644aad22368dc4f1a386f6e50f696f8c64296d3cb1595ea5a147e

SHA512
69591f66a6725b6159b5414d89b953e024f8b613dce39213d7f7282f4af9711c714dbbbdea31238f08d4df493d1c797eff1fbf3e296c137ca12f93baaadcdcca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
581ef75b2275b5478e523403ac31e545

SHA1
08d73fba45072324fe696b93be9a6ec67e0d1e92

SHA256
03b74dde1a482363f657fd88320ebdbefc6cd090e4d1966b20cb7a639fdf04d7

SHA512
a5f290c822f7ffefd7ad4b3a5116921f1565d0c9d36806a1507c72b5ebe2041b2185f8ea6ca8eadd3b5f47df537ac69eaad63be6ca40dc02132fd10f778803bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
e70d03dfdc99acfaacf04bc5f98bc8c4

SHA1
a89b23c8b04c85b59028a3db20f0b6ba3b151672

SHA256
027d83cf64fa312dffcdeda6a4d235286dafdfa169e5cea088c3d6f289289d14

SHA512
cc247bf829b940142cafc9864660f6f17a3de2d3992c303d84fe16d68861ca4560f6c1311155515a9d5e714f9c90d2cc71457fed1dcb1eef9d487b5bdb191a89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
e2c81d1238beaa74bc81b8a8b9da012e

SHA1
257b82df1d6ad14fcd23eb3a94f474520b2e63ec

SHA256
4f1930c05fb7ec45fe21d022182c255959049ebc2617efed1e338c46029b648a

SHA512
9746a17776bae9a8d74ad06a4bed36bab418228b90148d8d9af93372901220beb8f9637bca863230b244ca008a60d0c2e15668c74efb859deb2784f4451f6065

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b967a30f-af4b-4879-afc5-96fb6e9b932c.tmp

Filesize
1KB

MD5
a976b308eaa88d27133816ffca14a83c

SHA1
014974b13eff783dc8fff79d4b3b367d7725b1c7

SHA256
53a1c07acae77e28acce997aebe771f54c40c6a2ef9428bece8d0118d14c8d33

SHA512
66cdc05aab06a5565a9cc5c2ff5d77b6b8569b1775894243ad007cd6ebb873997766662a0ecd76818e78ed4938b919a40beff267e000a90bcceb50c23789ade6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
b9583dd1ffff9def0f4ab43a88c2a39a

SHA1
848818f4019e137d8ef6aba33172542cb5096251

SHA256
a7166fa3e7be642a883c84c161893c86a4977319fcba96035c50c7c83d682f62

SHA512
f8b93e5df6fc01866b275aa6489394ac52cd2b2879f0dd7023ed2c222e697fc87538a7b2843202563e128d9c455a350a43e2e3dbc2151269cfce677eac9950db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
13c5bef5d24ba3e72ee67924e3df2aea

SHA1
0c9ca333c8d9df2509abcc5d0495cfb5c3ed70ed

SHA256
7972f788d78e39454967b24954d518183b5ac02519dd6c9125dc92fe5a599147

SHA512
1a3aba178c5e9adb1ebfaffa5e00b494826b47c96788b206cbfcb9f341105ac7cc6d2a4289e3b5636020cd5450e8396c37f0de86fe69a0fdcd97231ce5a99833

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
285913e8d283910ae9463f0a1bca6d04

SHA1
dfafea9c4ded9b9a1859a7fcd763e032c1e919ab

SHA256
2f7a31b504c2a03149807d9399d5bc8c4b6a8511eff658ab09642a3014d273fa

SHA512
e6e01c1a3466132a36027a340bc3d4984e68556523bba9977cea374f1fb11510cc67a0131221b44f4b3f637f973341812f480a19ac8ca57a2aa16c5134847503

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
2453e94c28593a1721d22da84b9194da

SHA1
7f0c25ed73ef7f91ca99c1c96f700f3a6b2504b2

SHA256
b84c0bf2564809336b6d346f920714ba95e2972a2d3d22b08f9c1d13870d14b2

SHA512
99c8f9240f2d8448cb0b306b29cf7a76938f841b9e35c8fc31e6783c5ca0dad4dd35fdfef217dd6dcacd75fbd513b3ea1bbcaf3a4b58466228bd3b9f7eccc9e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
dc94392b48c42fdbee5f3d0df7a53518

SHA1
5488c43fd0693ae65f202480c1c59a2bbb47939c

SHA256
779e4b48428dd850011416057a8b2c16eca1f15af7a9bbbe9839136974c5306b

SHA512
6eecb5395bfe9972b8b7ac789dfdb84e61e1b6b7c679111596b8d7dd25415e1be148129a1277d703d80cd4193a5b39168f46625964b90533a1e3480be3d3798f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
0268b74691ea555aec1cb2d926f16490

SHA1
57c062e4568ab92175105126649a534a24c23edd

SHA256
4a84962d3d0fdd788a0e59c4e34e95dd0903a9dd6365f729ac112d52d675d9c5

SHA512
8b4766dab48a50175ada41defa55baeaaf8d25f5e7594f323fb4b763ad30e1fb00e937055a24f557b66c7de54f31961aaacb38cb88f34cc0a8c629cac0dd14a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
44d94c1feb618435943a7fc9c84169a4

SHA1
b007b2bd60756bbe1faca92223ddefc7a42b2e25

SHA256
b5867909a4b754ea62eefd4cc5445c316eae41583f58ea551751c32cafc897d9

SHA512
4e2966e5ecda4a4679a12767be6058d0f8d51d486ea63401f38be1e84cd3d384253224040c56915bdab3aca96f0447ac5503fb836205096b8624db3aa7b0c642

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
6704f23d8946f351cd0ac9d86df22405

SHA1
6d41e5128711c9e8a2852dc0ab71cd5398f25fb7

SHA256
f702b1b7aa71f72da8dcb938db7e668bceb07448d0bffb369ab9c7690de75402

SHA512
f0c662cb523b472be4beab8b663412c51733f948033def6c01e5b50b407d2cbade4d8877c26b76f4a658d7bcb97f6b8d9b80ba3a4013a6b7e53013e524bcef99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
c364d4ad68a0a99b4fa4f019c012da64

SHA1
b40b805420ce99b227e1526fd9155d541c35ed29

SHA256
c96e3a30ddc3ab863116486139543f24d95719d545434835ff94b64d1bce2791

SHA512
ca0ef68ac2ba0923189e63a272b2fc6c8cce8030ebdd3dfed4dfbf529e35d7ce6b5f6167fe9ddd4df3389f3d98faa8973df3ba7c2775a5a358ac76d74f8a3eb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
2912d5fc41f279d12e91bfab78162871

SHA1
c57f54ad2a7fd9b065f6a65f76fbabb9e6ec502c

SHA256
77139b8fd1dc6942188980b083e4539ea3a551c1a7c5beaf6a99470ab54697e9

SHA512
00f2a3abd45eb58d6e3196c958b93dab24ea931bec8b8b4a00e6444be33a72496ce8a52fc7d5c9c01321981fdb7ad08334cc9e1422d8243095795d6e0cf8512e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
f1506dcfedb941e5f08d2aae9df58478

SHA1
0581a50b84fe05e2cd013d5e7135e615d514c3e6

SHA256
1ac35081295736033d1d89f54b5c8f98aca1ec5aa9ed590c8aeba2f61abf00d2

SHA512
cd05b2e2ae5a87b029d216084e6149919dae76602996b629950227f7b40ce9718fa39f2bf102a12f41ab7111ec153653fa076e5380f042a6700ee3067e16ff02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
129KB

MD5
4fc4120c1f139013ddae8bdb0c5f46d2

SHA1
201c9b5d57f3afce179c792f1b7e0138643cc99f

SHA256
7fe25173e8271c340f4ddb23fd3083a4486b69184cbab6f8d08ca5609b9fca70

SHA512
5fc898d17491e4d71658934eb31c592b17662d4c933d16953344ac1b2ff517c87e16d79274245156d3094eace6014af9ec6398d800df0e4ef1ca8dfe6330cd3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
91KB

MD5
8f9cca5a49376792a584f0534c8d44d6

SHA1
e6abcd633a3f60824a6971e1dfc8cc1506311db4

SHA256
ad61cd16a129fa642fce9a462b9526ead9dcfdba5fca8c0b1f985acc9e24f1aa

SHA512
7d3a393ca348355de9e6afbea8912b4e999f4dd17190534ac9bc44d2ff3b0f9da3978d6e32f52aedaf702630a2e42fcd2eab7f880ef9db506c03d770f703b89f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
92KB

MD5
9f941d52f796f23ccc652ebbea5c3677

SHA1
953924ae19394704e540886c9ca0adf3c8df5a99

SHA256
1bd8321a26963a228f3d36cdf8bade72efcd0980df56521a57d51a6c97411e80

SHA512
4c3651ee08793d9453feb91eb4e6ae59a67e79d8f0894cc4716833e358483a573a222a8885bcf37faae8b7e666af0df8e6037e9f16829244d908d7f5a1bcfa38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58397a.TMP

Filesize
88KB

MD5
8b42cf5e4fcefbd0adc1f3f0503cab63

SHA1
bdafeccbe4ef410ca4e459a387db8a1284708206

SHA256
fee62d1dc42b504f341d8c742fb0279a7308c267886805d1f0d11293e635cb65

SHA512
552b4e5a7d273b70744c5cb7fc428d87ce9815e0ab821ff4c97d0340d4178b18d54bdbaa086a1f1ad0b2fcc941477e762725199752cc8543b6b23329ca581359

Download Submit