2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5

Analysis

max time kernel
860s
max time network
856s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
07/08/2024, 19:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

text.txt
Size

168B
MD5

10a317ca10f0fd2af4bf2043ff8dd8fd
SHA1

c02bdb3aba83817ea599a004fcfbf09c419c326b
SHA256

2dbd1033a26118d27915184864ad2a0add89d5ee3153eca157fadaa62ad19af5
SHA512

192f635707607a716f2d12f191cbb12a42f65d1aa5446ea7a6fc6adfe8b1c88d3210488ceec2528d6e276593ed9603fac14939bb431b689702dd4f1829de44e0

Score

8^/10

steam discovery motw persistence phishing

Malware Config

Signatures

Downloads MZ/PE file

Checks computer location settings 2 TTPs 3 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation	NW_store.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation	NW_store.exe
Key value queried	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Control Panel\International\Geo\Nation	NW_store.exe

Executes dropped EXE 21 IoCs

pid	Process
8152	Setup.exe
7668	nsxC33F.tmp
5500	PcAppStore.exe
8052	Watchdog.exe
5932	NW_store.exe
1668	NW_store.exe
6076	NW_store.exe
6088	NW_store.exe
5176	NW_store.exe
4760	NW_store.exe
7464	NW_store.exe
7628	NW_store.exe
6552	NW_store.exe
5396	Evony___U4O1hi5pQ (1).exe
6692	NW_store.exe
7356	NW_store.exe
6788	evony.exe
6988	UnityCrashHandler64.exe
2684	UnityCrashHandler64.exe
7932	NW_store.exe
6168	MEMZ.exe

Loads dropped DLL 59 IoCs

pid	Process
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
5932	NW_store.exe
5932	NW_store.exe
5932	NW_store.exe
1668	NW_store.exe
6076	NW_store.exe
6088	NW_store.exe
5176	NW_store.exe
5176	NW_store.exe
5176	NW_store.exe
4760	NW_store.exe
6088	NW_store.exe
6088	NW_store.exe
6088	NW_store.exe
6088	NW_store.exe
6088	NW_store.exe
4760	NW_store.exe
4760	NW_store.exe
6088	NW_store.exe
7464	NW_store.exe
7464	NW_store.exe
7464	NW_store.exe
7464	NW_store.exe
7628	NW_store.exe
7628	NW_store.exe
7628	NW_store.exe
6552	NW_store.exe
6552	NW_store.exe
6552	NW_store.exe
6692	NW_store.exe
7356	NW_store.exe
6692	NW_store.exe
6692	NW_store.exe
7356	NW_store.exe
7356	NW_store.exe
6788	evony.exe
6788	evony.exe
7932	NW_store.exe
7932	NW_store.exe
7932	NW_store.exe
7932	NW_store.exe

Adds Run key to start application 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX /rid=20240807191731.336240929765 /ver=fa.1091q"	nsxC33F.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default"	nsxC33F.tmp
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i"	nsxC33F.tmp

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Enumerates connected drives 3 TTPs 1 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\F:	PcAppStore.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
1560	raw.githubusercontent.com
1559	raw.githubusercontent.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
578	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand steam.
phishing steam

Drops file in System32 directory 54 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\symbols\exe\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\exe\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\dll\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\DLL\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\system32\dll\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\dll\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\system32\DLL\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\dll\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\system32\dll\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\system32\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dnsapi.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\dnsapi.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\DLL\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\DLL\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\dll\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\dnsapi.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\system32\dll\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\system32\symbols\dll\user32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\user32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\dll\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\system32\symbols\dll\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\system32\dll\user32.pdb	UnityCrashHandler64.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pt-PT.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityAnalyticsModule.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\Browsers\Compat.browser	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\fa.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-material	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\kernelbase.pdb	UnityCrashHandler64.exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TextCoreModule.xml	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TimelineModule.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\v8_context_snapshot.bin	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\hu.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-sound.manifest	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.CoreModule.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.HotReloadModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\EvonyDebug.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.InputModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SpriteShapeModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star.manifest	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UI.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony.exe	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Resources\unity_builtin_extra	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\System.ServiceModel.Internals.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TextCoreModule.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TilemapModule.xml	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityWebRequestAudioModule.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\v8_context_snapshot.bin	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\he.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\hi.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\symbols\dll\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TerrainPhysicsModule.xml	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\sharedassets0.assets.resS	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.JSONSerializeModule.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\settings.map	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\libEGL.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pl.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\sw.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-animation	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\combase.pdb	UnityCrashHandler64.exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.ClothModule.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.PerformanceReportingModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SharedInternalsModule.dll	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\sharedassets0.assets	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\et.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\pt-BR.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\ta.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\sharedassets0.assets	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.SharedInternalsModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.StreamingModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\browscap.ini	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\icudtl.dat	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-loading.manifest	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\symbols\dll\UxTheme.pdb	UnityCrashHandler64.exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.ImageConversionModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.VRModule.dll	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.UnityWebRequestTextureModule.xml	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\am.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\it.pak	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\Plugins\locales\tr.pak	Evony___U4O1hi5pQ (1).exe
File opened for modification	C:\Program Files\TopGames\Evony\Game\303514\mswsock.pdb	UnityCrashHandler64.exe
File created	C:\Program Files\TopGames\Evony\Launcher\241128\Launcher_Data\Managed\UnityEngine.TerrainPhysicsModule.xml	Evony___U4O1hi5pQ (1).exe
File created	C:\Program Files\TopGames\Evony\Game\303514\evony_Data\StreamingAssets\AssetsBundles\local-texture-star	Evony___U4O1hi5pQ (1).exe

Drops file in Windows directory 54 IoCs

description	ioc	Process
File opened for modification	C:\Windows\dll\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\user32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dnsapi.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\dll\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\symbols\exe\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\DLL\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\dll\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\DLL\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\symbols\DLL\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\dll\GameAssembly.pdb	evony.exe
File opened for modification	C:\Windows\kernel32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\win32u.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\dnsapi.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\ntdll.pdb	evony.exe
File opened for modification	C:\Windows\exe\WindowsPlayer_Master_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\symbols\DLL\kernel32.pdb	evony.exe
File opened for modification	C:\Windows\dll\user32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\user32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\UxTheme.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\GameAssembly.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\mswsock.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\ws2_32.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\UnityPlayer_Win64_il2cpp_x64.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\combase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\ntdll.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\kernelbase.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\symbols\dll\kernelbase.pdb	evony.exe
File opened for modification	C:\Windows\rpcrt4.pdb	UnityCrashHandler64.exe
File opened for modification	C:\Windows\dll\dnsapi.pdb	UnityCrashHandler64.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 5 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	PcAppStore.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Evony___U4O1hi5pQ (1).exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MEMZ.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	nsxC33F.tmp

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	NW_store.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	NW_store.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	NW_store.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 5 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133675315428214394"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	NW_store.exe
Key created	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey	svchost.exe

Modifies registry class 56 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "2"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByDirection = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\IconSize = "96"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Pictures"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\LogicalViewMode = "3"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1092616257"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupView = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000050000001800000030f125b7ef471a10a5f102608c9eebac0a000000a0000000b474dbf787420341afbaf1b13dcd75cf64000000a000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000e0859ff2f94f6810ab9108002b27b3d90500000058000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic"	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Mode = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 14002e80d43aad2469a5304598e1ab02f9417aa80000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	C:\Users\Admin\PCAppStore\assets\images\css2?family=Inter:wght@400;500;600;700&family=Open+Sans:wght@400;600;700&family=Roboto:wght@400;500;700&display=swap	NW_store.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
3320	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 61 IoCs

pid	Process
4696	chrome.exe
4696	chrome.exe
6860	chrome.exe
6860	chrome.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
8152	Setup.exe
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
7668	nsxC33F.tmp
8052	Watchdog.exe
8052	Watchdog.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
8052	Watchdog.exe
8052	Watchdog.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
1668	NW_store.exe
1668	NW_store.exe
1668	NW_store.exe
1668	NW_store.exe
5932	NW_store.exe
5932	NW_store.exe
5932	NW_store.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
6788	evony.exe
6788	evony.exe
6788	evony.exe
6788	evony.exe
6988	UnityCrashHandler64.exe
6988	UnityCrashHandler64.exe
6988	UnityCrashHandler64.exe
6988	UnityCrashHandler64.exe
6988	UnityCrashHandler64.exe
6988	UnityCrashHandler64.exe
7932	NW_store.exe
7932	NW_store.exe
7932	NW_store.exe
7932	NW_store.exe
6712	chrome.exe
6712	chrome.exe
8052	Watchdog.exe
8052	Watchdog.exe
8052	Watchdog.exe
8052	Watchdog.exe
6280	chrome.exe
6280	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
5500	PcAppStore.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe
Token: SeShutdownPrivilege	4696	chrome.exe
Token: SeCreatePagefilePrivilege	4696	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5932	NW_store.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
4696	chrome.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe

Suspicious use of SetWindowsHookEx 64 IoCs

pid	Process
2356	chrome.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
6788	evony.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe
5500	PcAppStore.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4696 wrote to memory of 2304	4696	chrome.exe	74
PID 4696 wrote to memory of 2304	4696	chrome.exe	74
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 5072	4696	chrome.exe	76
PID 4696 wrote to memory of 4408	4696	chrome.exe	77
PID 4696 wrote to memory of 4408	4696	chrome.exe	77
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78
PID 4696 wrote to memory of 3360	4696	chrome.exe	78

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\text.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:3320

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:2
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1952 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4492 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=1532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3024 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3212 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5084 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4668 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5528 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5644 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5308 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5452 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5292 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1512 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5616 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6268 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6540 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6296 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6588 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6492 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5088 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5208 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5044 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5356 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=6132 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5904 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=3128 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5612 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3544 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5504 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=7148 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=6400 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6424 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5312 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5896 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=5964 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=6084 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=7336 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=7532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7816 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7808 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8060 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=8224 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=8368 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8636 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=8372 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=8976 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=9056 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=9236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=9416 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=7588 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=7596 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=3092 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=6516 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=6196 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3872 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=9056 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=8520 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=7496 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=9980 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9804 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:6352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9604 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=10284 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=10216 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=10456 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=10768 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=10908 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=10888 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=10988 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=2236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=10016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=10684 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10332 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=10260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=7204 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=3000 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:8076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=8520 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:8088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=5336 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=6444 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=3828 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=3548 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=6016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=3996 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=1080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=8264 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=8344 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=8320 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=10840 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=7476 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=8960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=8840 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=9008 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:8008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=8956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=5348 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=5376 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=7412 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=10456 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=7236 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=10360 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --mojo-platform-channel-handle=7376 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --mojo-platform-channel-handle=9892 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --mojo-platform-channel-handle=10760 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --mojo-platform-channel-handle=6140 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --mojo-platform-channel-handle=3676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --mojo-platform-channel-handle=11628 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --mojo-platform-channel-handle=12080 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --mojo-platform-channel-handle=6592 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --mojo-platform-channel-handle=12216 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --mojo-platform-channel-handle=12224 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --mojo-platform-channel-handle=4960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --mojo-platform-channel-handle=2912 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:8052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --mojo-platform-channel-handle=4884 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --mojo-platform-channel-handle=3004 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --mojo-platform-channel-handle=11532 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --mojo-platform-channel-handle=4944 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --mojo-platform-channel-handle=9436 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --mojo-platform-channel-handle=10628 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --mojo-platform-channel-handle=8428 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --mojo-platform-channel-handle=8476 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --mojo-platform-channel-handle=3676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --mojo-platform-channel-handle=12148 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --mojo-platform-channel-handle=7688 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --mojo-platform-channel-handle=8288 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --mojo-platform-channel-handle=12020 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --mojo-platform-channel-handle=2184 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --mojo-platform-channel-handle=9676 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --mojo-platform-channel-handle=11424 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --mojo-platform-channel-handle=6960 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --mojo-platform-channel-handle=8428 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --mojo-platform-channel-handle=6416 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --mojo-platform-channel-handle=11920 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --mojo-platform-channel-handle=11820 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --mojo-platform-channel-handle=5700 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --mojo-platform-channel-handle=11464 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --mojo-platform-channel-handle=11436 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --mojo-platform-channel-handle=7624 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --mojo-platform-channel-handle=5192 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --mojo-platform-channel-handle=4012 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --mojo-platform-channel-handle=7260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --mojo-platform-channel-handle=10016 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --mojo-platform-channel-handle=6232 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --mojo-platform-channel-handle=9372 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --mojo-platform-channel-handle=11256 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --mojo-platform-channel-handle=9524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --mojo-platform-channel-handle=10956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --mojo-platform-channel-handle=6700 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --mojo-platform-channel-handle=5420 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --mojo-platform-channel-handle=8120 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --mojo-platform-channel-handle=5392 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:6760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10632 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:6540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10928 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:6204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10496 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:7348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11172 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:7628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8260 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:8140
- C:\Users\Admin\Downloads\Setup.exe
  "C:\Users\Admin\Downloads\Setup.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: EnumeratesProcesses
  PID:8152
- - C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" https://pcapp.store/installing.php?guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX&winver=15063&version=fa.1091q&nocache=20240807191656.74&_fcid=1723058209076521
    3⤵
    PID:7920
  - - C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778
      4⤵
      PID:1524
- - C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp
    "C:\Users\Admin\AppData\Local\Temp\nsxC33F.tmp" /internal 1723058209076521 /force
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - System Location Discovery: System Language Discovery
    - Suspicious behavior: EnumeratesProcesses
    PID:7668
  - - C:\Users\Admin\PCAppStore\PcAppStore.exe
      "C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default
      4⤵
      Executes dropped EXE
      Enumerates connected drives
      System Location Discovery: System Language Discovery
      Suspicious behavior: EnumeratesProcesses
      Suspicious behavior: GetForegroundWindowSpam
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of SetWindowsHookEx
      PID:5500
    - - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        .\nwjs\NW_store.exe .\ui\.
        5⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        Enumerates system info in registry
        Modifies data under HKEY_USERS
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of FindShellTrayWindow
        
        PID:5932
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x2a4,0x2a8,0x2ac,0x2a0,0x2b0,0x7ffb5df5a960,0x7ffb5df5a970,0x7ffb5df5a980
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:1668
        
        C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x168,0x16c,0x170,0x114,0x178,0x7ff6cc8f8a60,0x7ff6cc8f8a70,0x7ff6cc8f8a80
        7⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6076
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1912 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:2
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6088
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=1920 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:3
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:5176
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2092 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        
        PID:4760
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2960 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:2
        6⤵
        Checks computer location settings
        Executes dropped EXE
        Loads dropped DLL
        NTFS ADS
        
        PID:7464
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4196 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7628
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4308 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6552
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4272 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:6692
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4520 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        
        PID:7356
      - C:\Users\Admin\PCAppStore\nwjs\NW_store.exe
        
        "C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=692 --field-trial-handle=1916,i,6785811835373322360,7833381526391482446,262144 --variations-seed-version /prefetch:8
        6⤵
        Executes dropped EXE
        Loads dropped DLL
        Suspicious behavior: EnumeratesProcesses
        
        PID:7932
  - - C:\Users\Admin\PCAppStore\Watchdog.exe
      "C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=98F325B1-1085-43B7-8E27-43D9CDB6EA3FX /rid=20240807191731.336240929765 /ver=fa.1091q
      4⤵
      Executes dropped EXE
      Suspicious behavior: EnumeratesProcesses
      PID:8052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5900 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:5980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --mojo-platform-channel-handle=6576 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:7000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --mojo-platform-channel-handle=8188 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:3144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --mojo-platform-channel-handle=8688 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:4104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --mojo-platform-channel-handle=9844 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --mojo-platform-channel-handle=4928 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:8136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=176 --mojo-platform-channel-handle=11524 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --mojo-platform-channel-handle=9976 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=972 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:3824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6656 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9240 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:6936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8956 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:6432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8280 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:32
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10632 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:4808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6168 --field-trial-handle=1800,i,17445074027642527261,12934030039581306369,131072 /prefetch:8
  2⤵
  PID:5064
- C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe
  "C:\Users\Admin\Downloads\Evony___U4O1hi5pQ (1).exe"
  2⤵
  - Executes dropped EXE
  - Drops file in Program Files directory
  - System Location Discovery: System Language Discovery
  PID:5396
- - C:\Program Files\TopGames\Evony\Game\303514\evony.exe
    "C:\Program Files\TopGames\Evony\Game\303514\evony.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in System32 directory
    - Drops file in Windows directory
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of SetWindowsHookEx
    PID:6788
  - - C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe
      "C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe" --attach 6788 2066590273536
      4⤵
      Executes dropped EXE
      Drops file in System32 directory
      Drops file in Program Files directory
      Drops file in Windows directory
      Suspicious behavior: EnumeratesProcesses
      PID:6988
    - - C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe
        
        "C:\Program Files\TopGames\Evony\Game\303514\UnityCrashHandler64.exe" "6788" "2066590273536"
        5⤵
        Executes dropped EXE
        
        PID:2684

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4992

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x3a4
1⤵
PID:1644

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:7576

\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
1⤵
PID:8020
- C:\Windows\system32\dashost.exe
  dashost.exe {b534cb8e-9e74-467d-b483b316bef35df8}
  2⤵
  PID:7484

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
PID:5284

\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NgcSvc
1⤵
PID:5784

\??\c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s NgcCtnrSvc
1⤵
- Modifies data under HKEY_USERS
PID:5636

C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
1⤵
PID:7536

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
PID:6712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffb70a49758,0x7ffb70a49768,0x7ffb70a49778
  2⤵
  PID:928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:2
  2⤵
  PID:7812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:7452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2104 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:6568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:3416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:5044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4504 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:8116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:2412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4900 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:4260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5204 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:2356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5460 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:7404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5844 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5748 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:7296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5576 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:1760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6044 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:7888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5888 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:8
  2⤵
  PID:7916
- C:\Users\Admin\Downloads\MEMZ.exe
  "C:\Users\Admin\Downloads\MEMZ.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2912 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:5516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5744 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:1
  2⤵
  PID:8036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=888 --field-trial-handle=1880,i,7017782574576105113,17182356487762211963,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6280

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5156

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\Browsers\Compat.browser

Filesize
1KB

MD5
0d831c1264b5b32a39fa347de368fe48

SHA1
187dff516f9448e63ea5078190b3347922c4b3eb

SHA256
8a1082057ac5681dcd4e9c227ed7fb8eb42ac1618963b5de3b65739dd77e2741

SHA512
4b7549eda1f8ed2c4533d056b62ca5030445393f9c6003e5ee47301ff7f44b4bd5022b74d54f571aa890b6e4593c6eded1a881500ac5ba2a720dc0ff280300af

Download Submit
C:\Program Files\TopGames\Evony\Launcher\241128\MonoBleedingEdge\etc\mono\4.0\DefaultWsdlHelpGenerator.aspx

Filesize
59KB

MD5
f7be9f1841ff92f9d4040aed832e0c79

SHA1
b3e4b508aab3cf201c06892713b43ddb0c43b7ae

SHA256
751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a

SHA512
380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
c64929d71f8769929406b672778db163

SHA1
9dcbf05f8029ec6263ec43b6958a54626adb62d1

SHA256
b8d3e55babd999d4d2ada4cdae8d09b2b34321266395960c07ec811d08b91a0a

SHA512
9ce6eaea812713c9dc9de55875f5899b21b34e2fd09666590f0a4b3a4c6b3dcce382c5c1e73e01f4066c4b99024cda816ddb324701deabf2756c76e6f5977332

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\250078b5-013a-4ac3-abad-a1c5a2c1af3d.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
24KB

MD5
87c2b09a983584b04a63f3ff44064d64

SHA1
8796d5ef1ad1196309ef582cecef3ab95db27043

SHA256
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

SHA512
df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
69KB

MD5
314025075985d92cd9a743d482dafad0

SHA1
709a1050e7a81b54b48e4b43e44140ee8295759b

SHA256
f8ee013eb443b8c1d03179b33d6b550441f2e9772849853ba26755c34c3fad25

SHA512
ea69d1bab3267ef52f7fe7cc75528fe357eb8fe50fc87ef56e4627483288e897d00b4824948749e6b39f7ee064884883903ca634eee0d8d461dada8718847244

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
403KB

MD5
4a3c942f24bed7fb0e5bfdb1397b5c63

SHA1
65b071ae2c34170f18a48d84965c6c79ac6944eb

SHA256
96d6770a07267a7f6abdb9eb9786c52d3f29ec37998a61c7f811ced010f1f0e2

SHA512
b283b29fc0778cffc369f2c354e0c5dbf8bd380f57fcfa6d06223651715604b3e251b7e128642e6188b7bb57fbe06c67633454f7612a2fd833f938d19dad3078

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066

Filesize
209KB

MD5
3e552d017d45f8fd93b94cfc86f842f2

SHA1
dbeebe83854328e2575ff67259e3fb6704b17a47

SHA256
27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6

SHA512
e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007e

Filesize
134KB

MD5
75aa9a75c82884b541bdbc8db8b1afb1

SHA1
c413318f75dbad509d437b49660e5d1db15d5655

SHA256
90cafcbabb767d77cd60441d67f4e17fa4791dea0efc0bc02fcd89e0a05eff33

SHA512
319f9a6c3f9c6c076819f1f8a2b88aacd925a6e876f770d50515d6c21a03defed5fef375f55fb8b7071e1997c7eeb97637b8f7eb09a27a43f47215524f5d8583

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000085

Filesize
20KB

MD5
100753506cdeb53eefc2bb6fdd1b064f

SHA1
770bf9d634015f7784c4728d5fb80e1457f000f0

SHA256
5f282f19054f8373f07439b6afd16c594619e8eca8372669999d8a51f9c6991d

SHA512
a1b8d70bdbd3028a852aa492c8246c35cc8dab30aefd5063bffbbb8eff2987c126c17c262eaa8e125916508ae51f826870791318e544de88a8e419049ee05271

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000086

Filesize
96KB

MD5
85c86eb412bdb8fb10996812f2b68f15

SHA1
73d90d1af6850fd4296e631ea46e951f0fd0c373

SHA256
c6aaf6014daf84b092194d158f7c31ee6d7c3b0b0b5e3cdbd3b269c5ecef1690

SHA512
d9ac885a13eaa3a5c39d08b4f3de7af591e59f6dcc5acc4f184d8fe347afbbbadf8e59fd7e8b3cb8dff2fba5b7569d1a06d40d7fb194ecd7c0587a155c5ee8ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000087

Filesize
90KB

MD5
97260f7f1f5a90971f92c87bbc6c69fe

SHA1
1e987dd3d6deb7789651d0096abb7fed98776cf9

SHA256
cf63be4f942ae482454d5a2a40c73e2b33f87f93d840729932dc2f2b213daf4e

SHA512
1ca1b0b8c10cda0077ec3daf3a02be164c2515caa575650db55f5ae5d4b24414415c298fd1c11837de60daebf088795c53de280dbd4675b0e083ef0c469b96c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008a

Filesize
25KB

MD5
42e84ebcf5470237abd1f9e322b751fe

SHA1
a828a45804554507d9e8521c36109e8bc3d5eca2

SHA256
a9fc7baee3689f0331e46617f60d6e7c3ed631209b7211e7dd09cf20d22a64c1

SHA512
36606d42aee5689819dedf221af3c6c0da06aeb9997b9ce84b42db42ab80a0926352219f1e47f2287dcc850fcc96e4eefd5e487e09e1f1228102eced11271e25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008c

Filesize
17KB

MD5
67e30bbc30fa4e58ef6c33781b4e835c

SHA1
18125beb2b3f1a747f39ed999ff0edd5a52980ee

SHA256
1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba

SHA512
271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
19KB

MD5
c50089df12b4826cf6371f5b4cd3e5de

SHA1
109bb7ccf03b43ccc649cc22decea957230495a3

SHA256
c4ad6585a791f6e230ed30a01d22ae7da7a07c68fb686bee3d499736330cb6d9

SHA512
f8ad8834f08a736e21a8afc3e5183c75b0d5a56c8659140a955bd4f5c31440c379ee4720baee18433ed3681e6ecc6fb64f3f1807b313257427dad2dd6e509e71

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000091

Filesize
98KB

MD5
033df0da389953cc333280511a9914c7

SHA1
447a8c4f6ebd38aabfb224df79f7f4f79defef3d

SHA256
1eff650da5767d442a420476aeb8863d81f03c15cd8eb947993ac86a9dab21ef

SHA512
07a5b31558f51ff061e37f5664c30e05a4ddeed0a641b31b19bf858b044aeff5354b85825e1664a9ca7cc44f9404651d7e1b53efdfba5fa31de70f73fd9b395d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000092

Filesize
104KB

MD5
7651b1187bb58ac4c7be625337b35e5b

SHA1
307d969ef4137a66fe2793737dc1c546587c7f43

SHA256
0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968

SHA512
a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000093

Filesize
31KB

MD5
bc8196eb279d19a8cb0f141504d36c9f

SHA1
410b6176935d56db1964c4bca679203081fa8706

SHA256
af8e1ad1a7809c3f87ed13db0ff14087bcfa06ac99c6a2c2cb332f078d3943a4

SHA512
4d84b795c2a2152f00ca15e929b439ba59215104ff150d2ab6f180798d49f68794c3fa8333be5323068a79218780c681eb8ba8ea16c68cc59cda89039a155123

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000094

Filesize
81KB

MD5
ae6d89704428e61b3d857a2988490cf1

SHA1
99fdb51b0432dad7b842b11e58094b06e8d5fc64

SHA256
86dbb0ebeab017e8fff87ea7e431c90d06c399b1a7467d426d1b7c51966ba05f

SHA512
703e8474732ed5434d46cb437a816e18f9d99c11666c7fbc9e53bd704cda03135a2ebdfb25b66bfd0af8d911af31242ef25b0c9c95155f795bb9471d78b3cab0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000095

Filesize
81KB

MD5
e4227acdad64e7d9f8e8b8471af13a9a

SHA1
e163f89ab25012abc19cd31ef9a7c72b2745156b

SHA256
60b9c5e02d68e60bf23038db2e11769c5e50a3195eee4831d08452457b651371

SHA512
6ea6a1bb87f197674c6404e8c33d89cd89f6c22fa2dd5af972c36c5343d0ad1fb227e76082663435ce1d0733bbe262cba9ec2e7e36388fd83078f6b3bdc40054

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000096

Filesize
77KB

MD5
6192a48f7b0fde2f0e3fc541cf79a7e8

SHA1
df9b7089a57ae0efc3af4a1d4ddf5042a592ac71

SHA256
1fc596be87999f1ac69677effcaadb0a492a871e017db76661732c85ccab4b8e

SHA512
f681d15f07f2645d5dfc697f2ce93da71b0d5ae3447d87767fb9bb70d89275f6d715922f332b122b77c9b49f8787f81540e72bb94fb4a1997017a2948d2ff6f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000097

Filesize
47KB

MD5
d218adc0202ddcd3f482874d435e810a

SHA1
3106abdbd1dafdc3e931c8eaabb8e4adc014a2af

SHA256
3d329af73f0c900256a0759ded80a51a999518635c9ac95249020e36c9b1fb21

SHA512
5fc4c580748f9fd8c8c793e8778d8160805019aaf6f738593226dc03e69222e93a6f803f0cb3ace04d69dd3c5486f1d1392e9cbe17ef38fede27f6473f65e82b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000098

Filesize
147KB

MD5
cc4338db837b0e3f30630842a320a796

SHA1
764cbccff0d132436f387596a8eb5ea71954bd0c

SHA256
e035df2cc7bb7ac4c4993f32eef9279020a55dd83c4efb92f5dbeb04c159e7fb

SHA512
2f55d1d6d5da4905b76ec30c5af2ea070fca2825f3acca38a244754e29c7da67d8b14a64912fd8bc2c173a6e0daf1303bfc60dba92d41cf86ea084b098fc982c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000099

Filesize
19KB

MD5
8be102e2c9ff27f0c1ad9d93138522f0

SHA1
2e9233646304b9cb72f73b09d1e89fdef1d7369c

SHA256
dd46a083bd9e98443f97cf9129cf8d4d782deac0c28e1f7b4a65df000f9e164f

SHA512
e3a570317c4c770a9feff907a7386e5db454ca356ef974a8a141241c4bd24a989fdefca76bc01934768e3ab05ccced4da01a34f3c81d1b41c224b200cfd058a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009c

Filesize
27KB

MD5
831ab1ba056cc5e8b696c2b24538a9e2

SHA1
6d653d4650980c36c8a306347a835a309d70f99e

SHA256
9c68f78a022508c165b7e1e77136c3716a6a16f13c6eabea504b97d2ef87c856

SHA512
3de8a9df404fd5df45a55da7c3877cc1ad20ea57ac9c19052e3a24e9d44edce25647a87c3ebeb6e5291ce483f26fe8d8fd88ec8cb9d1f124855b84f77fd18061

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000a7

Filesize
38KB

MD5
e45f95635508c9b063c4e562836dfb4c

SHA1
6ed7c9b0ce19ddd5322255faf090d285a7da2fad

SHA256
9d8660164c1677ef3bfabfe0bbe12d6abb1b7c285ec2a390c16a8d50abcc6bca

SHA512
532db66cdacfc95b0f8afb6bec048bed2fc2decd79d5b819edb17c99dbf38eda7af0ecd5108bf7f332432b6289bd24fb032fa3badf6072dab7193df647f2c783

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b2

Filesize
20KB

MD5
6931123c52bee278b00ee54ae99f0ead

SHA1
6907e9544cd8b24f602d0a623cfe32fe9426f81f

SHA256
c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935

SHA512
40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b4

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b5

Filesize
18KB

MD5
8eff0b8045fd1959e117f85654ae7770

SHA1
227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA256
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

SHA512
2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bd

Filesize
62KB

MD5
0800f316866f3b20e5443bf0b6c133a2

SHA1
0c26d720ec1078b683068d5586b3a204ec118bba

SHA256
8bf6fdda34cb70a0e5abb753af6440a64d37ed2fee81ab1d9c478f7d77aff84e

SHA512
84d9961ef0b3890094c0809750708d57ab23a9e21f76fbddae37fe04443b44c693dd087e51ed06e5ea2900f1fa7f2bda76f8991d3f8396dacfaf923438e48d75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000be

Filesize
16KB

MD5
ea05a9615ee91a2098e3d2ec4255a861

SHA1
6daede33eb2e0cd831c1606947ffc3f312e1dfe9

SHA256
b85bec1a1425290641c5a32031770216e83d127c5cf840e69fd01a250279bc9c

SHA512
e11a9cbae5c2d4d91dc65ab7a16d36bfea29f156466e6e2b380d1793cdeb4a2b0fd7666102bfba5a0e2344cdc2efbde3ae0ec1ed134aca269467395843a15426

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cc

Filesize
47KB

MD5
fd1f79856510e1cddd8141f1d82aff4f

SHA1
659aa5c13b63adfb1480856cf8da6acd4fa624f4

SHA256
d2c922c16632143318a2792e0ea9345ea5c072ad583a84d8ef164cf952fec4f4

SHA512
7781c5280010519da7e71a849a9cb5e37f7b29a1e800bbf9cc47536eaa937abeecd1a2d61867c2744b7de83f0cfdc88b72255ee083501df0455fd018b0f86376

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cd

Filesize
19KB

MD5
9749d9ec019343047185cdbc554c6db4

SHA1
089a2ea98bede002cfd2371d1647ffe155ec23fa

SHA256
96383f6cf4abb61960cd6b68deaa7648b268962484f9a0dca9c7d54a62b9f97c

SHA512
d9d3f3156f0478d08c114c6189304450edadef8f9f0a1c7e36b89566be1084a51bfb9c6d17ef65829acd29c61ce140a1644093b67cc838dff76d638e70fff075

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0

Filesize
32KB

MD5
81e8f8281ea972cee3cd3ee2ff4ed42b

SHA1
6877e2f5e3c97294610f5d92c53982b3f6db008a

SHA256
8a6aea6739ad1bc5c58aa123796b46a9334f2880fc3c3948cd00abc6ed2e5e9c

SHA512
615a131732c448342706cc049874cac0ec523271d6c8dfa600a3ba8626ec52c92fbd5ba8ba1ebd2ee51497dc6ef96d433a8d6eda45611cc7b00fe365dbe3b49d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64a8f906aa3b0b10_0

Filesize
54KB

MD5
55c8b84bf35801f3cb7a052f44eadc09

SHA1
376cf299c6710017e8f3816c03e3312e5e814f13

SHA256
eb3b9b548b9ed5be9f61643b7c120c435d05754a93121ee46aeed4ce655e8554

SHA512
0e546e415a225389619389c53c471a039ddc1c3b6f8d777395f71e122a87751b9e31e82a523bb501e01e1c59845e812c0499b6ad8e73024474682bf395eab29c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7b508899820079f3_0

Filesize
303B

MD5
851edcf39f15f227767891d58b1633bf

SHA1
ec733d5d56ecfd8ecca806e347d9f71aca66fa10

SHA256
7ffb81a3b0a5e25cdfaf80b4021bc590766e8aefb5c31e006a606d8fbbb23a8c

SHA512
dd2ac19a963d375315c4dd35f7415da5b401d1ee8f1f13e9cc9ee2cf1703feb2c14ecc697351e9401776b729a8c3abd42d7b723364517a6c48f0e36bfb02b5c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
2ade56665ca5e9a476e5e5b8354132f4

SHA1
6512080cc00027db7ab6490d06ae4c18eba7535b

SHA256
38a793784262f204813493347d10380464f046adcf0e50247c942374dad1c493

SHA512
56676510c7a7323842b18295eb7a1283f1b28922f636ea72013b98bb420f6f367e8bff075fa7eb5f37c6e36caa0321ba2fc3f7176b4fb3739b74a4ff4b0add9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
168B

MD5
ba12870e914ea868a769427006cbabf5

SHA1
55d80d29bc4675ade3f9dcdaaf3af7f86a79d2a8

SHA256
48a8f4116bfb8cfde44e4b401a76c4a8e258f17e6a39c7f08f3d83c8f52ecbac

SHA512
aa3b12976fd4970572630ff99c29ae1a888ad529047e19b77f760cb8238773dbd69c8e824488d2947020d3f5ebba88b7572a58c8de8304e674c020c5defbac26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
11KB

MD5
0bb096f04da5ec103f0da5a94b21266b

SHA1
a4613e338547a14237d3c53a5e5b7e3c5b19d7e9

SHA256
7a93f56e80f0cba96884f3dd93d61b181dc931cb4338385b6e2faf00dad298fc

SHA512
8e6542f3b7dc66d1e2275e282a21c1bdbc9397468883e9ef9ff0f88b0e1b64de0b06714d982727cb47d6f62bb0bdc9322ce065baa33bb6e5d3ad04eeb6ec9c29

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f46e8a3c2efc3d7f28aa8ed396ddacf5

SHA1
c84e3516e36b0060ec19a8d52e64cbc36a5e0a7d

SHA256
d40ba92a2272ca6d93c5853360de4a548ed931647667b4b1d3184fe6f4e05676

SHA512
537b59b637121f1c38a2ce3e354034bcb7aadef18ad223cb1d37b90f7d6be8e20b1d016c7cf2f1a86659168412503a8a7ab9136b4767e414645421ed7c786822

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
7dc7f271e4a4c1286929d658738fe908

SHA1
db0d40e041f54e2fe15ceadf4a989218b12018d2

SHA256
ca7ec4af8e41d29cd296cb3e018041c915a836bbc48b97a8faf4ac745881617b

SHA512
269a28f27aa226fe4d478ed38d19e367bd012bdc5734f54bc6195be65781a0372ba170856868e7f86d3005a27598e34386fe061b6c74b2ff4940ef237447811f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\000003.log

Filesize
12KB

MD5
719ca8ca769972771241c033594c7ea9

SHA1
c8299d1f04f36766ee495f444272d0f8330cb93b

SHA256
da504917273686ee5a2dd433ff66b58463a592833f16d01c6c784049db4fe6d7

SHA512
e484a3b790e863bfab8ee206784db88b06b775aaafe04af84c80213f6976c5681347f475a8f455ddc89977daad1fa7f90ef8808e8beed87aca3a84950a9d7f89

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old

Filesize
392B

MD5
2c16d97b54dc445527e8bb66aaf783a5

SHA1
63f24301643f46b8a51417e3600d2a6f4d1f079a

SHA256
2141ec1780231ae3b701005c2a7be9efad6b99ff228af0a55d003124805886f0

SHA512
0bf7150b18b0bbb490e4e72673a40c103f026c16ee13a06f277049da95c0152a250ac6afe3bceb533ad9a7b35af1962ab8152ed2dff0df3b5c81a604802c3a37

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\LOG.old~RFe5b3ef9.TMP

Filesize
349B

MD5
4ee0f10dddd83fa8a0153cfb08e138c4

SHA1
87f0a11a7c16271cca9a5ae5298c36bf57e68dc0

SHA256
0f9cca94c79c16b1e18e6f9dd9e98994e0bc9607fdede1c259dfb28f1c28f600

SHA512
a3921e6cdd33ece1baae3b64416b0960187f2797514302eb5c88a7e1a1641b0f0719a0fe0cbe722bccf561f292ab9324760d7a9602879e6158f98fb3ca644334

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
29KB

MD5
29bd93063305178670798e58ab97ed22

SHA1
3480a5ddc478d170ae119aee314fe2cb13121f83

SHA256
3c787b5d0a9cc564d728091de6fc26389b0c7f456c2314326110e83972d227e3

SHA512
2db3d4fdeba7ae4858c9a91e3d6fe538b3e8e562e5ac9f2029f3ce392681953833f2237c14ddfe812bee038781b5113c6042476c407a67c60a95637437770b56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
20KB

MD5
7ad3b4505232ebdb92d645840179eec9

SHA1
157a3742e8ddf31bce5a3a5a983bc812867f9efc

SHA256
9f891068f29c7f78fd5f10564bfac5170e1e92a09eaf187c7c6338f2fece5d7a

SHA512
e2cb3cae8c4ebd7efdb309cbff644331b7433acb1dcd0ac5afe4ca2dbff83d7ba94ec4a2146b8de7ac68e0781d6189170193f0a73ec6e9e8ae677931361af21e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
31KB

MD5
89aee6bb7ef783e294920bb698472e36

SHA1
49cdfd61aeba06e9ae28c2cf0713b6f84da622c0

SHA256
dd741f6d880ff731be0983accd0af99654e69d59fb599113ca654d2eaee1db47

SHA512
84decef4269bc155f15033e33dfc9b2c1c391fb129d142886ea0629699817f8f8570a494f4d7e9170fa4ebb8a91c4994c43fee7a954414106a33135d387fd642

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
34KB

MD5
7f1e309ab78fa130de52c728d33c553c

SHA1
6932ab4e4417cafb5721d3e18b06272287c2b4a0

SHA256
93f35aa3fd83108477d0268973f67ee89f7535bbb8dce47f0b50c2ea3e77f8c8

SHA512
5d678dd3b4e344bc2854df6b896c03635bf074a81058000c8c703833def3c90139b113ca77e88d798ff7d694a256237a6e779a7bd5d7e38dfe542ff800bab633

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
35KB

MD5
1a703f2e438695f364d16de917eeeb44

SHA1
39476c281304740d4cb8e2074a072b1a87780ef0

SHA256
1404f82d4cb53e1eadec54bbf56fdb72725f2354a7ef1150d815c9c648302d34

SHA512
7935378496632b46db6732fc70cb11d6e7a2048b90604bf0c317fdee8434a42a0990d31aa59fcb88bb5cf06e63c4dc6f184963f3715d5a2a119b5e7ed14d1f9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
c6c81c9c6edd0b93ecf10b59c85e39f6

SHA1
f4191b44042082475434950bfc4f3bb136c2c4bf

SHA256
ff21659a9778491ea5851bd992631be317911b4027e0c3e3a70a7744f8b27e82

SHA512
d469f3810f9e9ecd82ade74953b4e4d65058b88691426c157e5d60fdd924337ec2c519cca8627098c3d10a6d17b93a528d6aef8b2447d99bb42c9d2c0a1bf558

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
be72aca000417d52e453fe11f3139b30

SHA1
422ef8021eb76eed7d148f91ea474370dc02d829

SHA256
8bf44f9dcc801e3a7d9c741601a83d4aa98611a1903acc4debf229742568ffd4

SHA512
284592b2487a9c316b4ff622009bd70cbcd40432bb46945c7f170e3d6375c5b698d25e8f9e1b89987de263cce2b58428b2af5fe9cbd0a727d7d2b814d167cce5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
23974c1339074a8ff00e7e01f4f11076

SHA1
bd39fb7ac2dc94f5f9b59beab5fa04575c0408cb

SHA256
3e69d7851aab747dc22089515416cb794572871200fe626e76a543b13edffef5

SHA512
f0ce4cca24a61ef7cff99b8f7bc4a6ba33f06282867a42dee84cdc274d1e8e0d70244db83675cae72c96db8a9829ae68e4a5b421394107e1a262ae43ce87a365

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
db26e82a4cbefa8c3ed3c9185e9568f1

SHA1
e7e089f6ea70e4b651a1dc6c396ac8dcdae25771

SHA256
52e3cb643179d0e976759f65af21d12fa3760b5bf400aedcb889a1f3abcae01a

SHA512
5e3d33eef42a2429703c37b9dfb36b8e674af18f03de25a146b09748b6e174e524412be8b4e281c093d1c6664a10232691ebb6e75c5cafe63b33f0d8f5940a8a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
c013f5b1b487c468b6ba8a11ceacb545

SHA1
593504824b7253a759915347987cf37b874ed1f6

SHA256
48346096b7c994a865aac51dfa2db812032312bd3aab971846a8c518b81d1c55

SHA512
45bbf5bc13f2899c97e1c565c9ff4f7e2469e863b83db339bdb21f52f5c2016bc8ef606f9d93a0388b624a796d1e8cc0da069bf66bf6e17a8d04777c53d2aeb9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
8c31d84448b6f67c6a8933b75c2e60b4

SHA1
63352dd7e85883b96d0cce308e036bbe617e6a26

SHA256
284dca7fdce48aa404c97df23bfd2b5d25b5fd0a5641aaa4190de7521b12af40

SHA512
8a2093e0b372f2010025f6e7d6f23dcbb4edec8d22c4b2eda3fbdb95736e308c508b7726cf0036b706aac38beeb2f042426842c13c401dff61ec2a45c1936407

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
a8f32ff08012069be9eb7005c694d5fa

SHA1
5fd391929fd36ff2a115eb7bf12dcaf3663cef31

SHA256
1d0b8fdee41eb0da72f5109454edbbd9e376636afd5f249fc6ec63400dd67e49

SHA512
8a0b30c7ec4b6d7e481686cae3c16d4babfeb747b2aff1830f6de22711fc77d22c19fc04e97edbd1e039485e072b67ca638a8946a48e69b23aa534b3fcc10d43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
a39ac94510f4643617d86f5b9415f192

SHA1
133b2a9fdaa6c84d4a2ed43ca3a74fab496b9ac1

SHA256
de166326ab20c8643e1d5348d2f410b1cdf1d2fc460bf361bef57ed7f3c21acc

SHA512
5a2c33f46de9929ed424c839cba53236ff103004ad83599f3bf50e9f1f7b9753e32e8de6294573da16ecd2af2fff6d566c81a9dcb82d107e7b81dc56e1e52352

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
b668828a077449fe7a4de283a721c4cc

SHA1
50a48d39be882b2800b59ef5b014641595ab30d8

SHA256
5f0041b50df06d551e14dd561e68aa706582e4a2cdc9dc391fde81437b0d114f

SHA512
63b4de917e8ef9a193f443f2984af3ef2c9ac861e4b5ec362350f328937232d729301dc5a43a92e79a438e8c66e0ff03b7294b839914f5d94c84d740e63770a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
551d8e64297566c0aeeced46278a11e7

SHA1
95eaa951a149c3f5b6613e6c89be86852b23ad81

SHA256
3a44f26c952db2178459fb881c0a768bb7d07022184fc783fdce2afa4070081c

SHA512
eb49aa101844726a7a6ab4d1bf97def0fe8a8702803f12da5b1cff6fb26651c774944f881778bcb5e02277e25310940bcbda65356c9cc9a4fcca3d0851d77982

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
880afc85fc1789ac35e112ef6e49ba4e

SHA1
e86d996c5fc1b88f329dee362c35eba708b4b861

SHA256
ffed7728f14af419c5b6b640a8e6c73983bbf03b55700438e60ba2b7bd33700f

SHA512
48e8e8c1935356bd4b04dea97652ad417cbab99110d9fce0de6455e8f88daaf51aec18879957cb570d71fc6ee5133052fa50590f12b676f96ee81cc1b08d5010

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
85066d4ac0fa7cf98ac5e6ac19881f4a

SHA1
0c656eb59b2f39602c0993240fbc848521f96086

SHA256
178f5691f2b63a06515405e03502029278141ebe1a6e9361407a383e0124c44a

SHA512
f05abd39b40fc54ec148c5f41a07d80b0d301c92cb2c72e442f369631230827130c442c56774b0a641b8edc03bc779c522fe84b40fc78112799aaaea4a6239f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
ccb951e04f5023b3ee9a2ad8f871c605

SHA1
62389e0202fd23b693e46818fe262bee81901f0d

SHA256
ada1845b262ba785f74de8387bee5c46fb94d24eab92e3ae49bcae72d0806ab3

SHA512
c9a9f8b35eeece2d2413d53d7a5f3cfba31314209b4b33c76ba8f929017ce3e128c79e3ebb2e3993a148472e72d9b953aac1eac9e1bb62659325267a89ca9ef1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
e35125393a01f07434941e206c3a219f

SHA1
c1eab8446f7cb040787d0fe57b30e91f64310733

SHA256
f9f1075f61a7a33dfc9a4782d941f5c296346fe0be6ae8ff1bcfb91d9ef29113

SHA512
4edcb4eea766f99cd9073b1cd5ee173441e6488dc3c47bf34d8458bb813436f83253b617055fa6ad9b22401b9c1c041cdf869aad236a34d9636ab4221d5717f9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
1c7286226dab837bbf9822c7ad167a9d

SHA1
71b8a17a6a61604a1498d267775a1045009c6732

SHA256
6282d9918660a2e5564bfb72a3b098327f49ee86050aa4f2a1f8204dfd63b8ac

SHA512
c75d558db00dfc6b7acfdc1689cf2becc916e4a805fbc74c2c9c9801e1851772c2cb104beb628cb77d60cd04d6c2452990a7c68cc682edb2de973639353742ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
9KB

MD5
382421e80ea4b2811075bef5d86306cf

SHA1
da7c583c559055c133f14178b6a44b62ee0d3aca

SHA256
edfccaf56b63b7e6ff8403f48fb7de70e97de3133e869fd1e543c053c9af0c2c

SHA512
58819a156032d5ee487ece42aae88a64f3763cc547d7580cf940c0dae93c0d9a1f3e3c6166b932490940fd867e2d84ce7c9a764ff4b197bf7dfd1a6c8a72639f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
0bead89522922251dee7b34193723ed1

SHA1
f5c59f6aa1048050b45b3115172e386b68771eef

SHA256
4907679b73cef2294e391a899f58d6050b0d5c34b9b68c0086bd94e724233b6e

SHA512
962aa889a508f4c52f6e9c39f289d88a8781b3214e996b2a8987e345b11f781e11a92d38c255d6696a0540464c97052afc42010d8bbc4d91201c3699aefa96e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
10KB

MD5
7292ff2a3d59d6e2d62962f1b4ecca0d

SHA1
59d1b6189660ec987741c73040b3da4f0f41d6f8

SHA256
0126bb875c85c7f4cd89a4bbe7649192d10c000b420fc3990fd2c3f8ff5ef04c

SHA512
dafc273a64ee3a6d99cbdf09f6255b26dcda088f4a7fc01fb6402454b645d134ab8bc75ca5ac005a1ea347997f3377f2eac4fdc5436a9543eeb1a37ab4034545

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
8b5f221180b621c72a0772b2201b49c6

SHA1
53755f32ab1fe7b42e73535d55efc10a862734e1

SHA256
2611cfbee1dfe22afc2eae7009bcbd4057144ef7373bdc36c193cef40cb3270e

SHA512
b45955c9cf42c79fc2682158c020b0f7e6838a9edb5adfe5c7598f49e77f2398e0a1f6cbcfbe6e4bd3f4e949fea2607ead066a1858303b4b3253d377702dc1b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
11KB

MD5
2c283ccec8710edad37ce7b2f1ec6d3f

SHA1
8d7ee7e97932d5a9525c5edc66616b7ecde2c13c

SHA256
b55466d9400739562f5cdbe35544c7d05bb016f61b3328ba66268730cc3e0d2b

SHA512
a5364348785a143a6261a39bf5e6d7818586b77b835d8d3b99746a452e030ee787561bb9d7fbec77f2e2010ec96a8eba1c309eaefe3ed2b4deac5d63849f0d61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
8b245f33b9e49bdcc4f15c9826f8d918

SHA1
be855e3033b97745e2ef53b883ab431908323a02

SHA256
6d97ceedc42c252ec96045740eb907293ef61d3c4e3f8e9818730f7da3ad88ee

SHA512
31d46da801140628da34ea3baf03417ce1f10775651f2c2d4499c56cc182aa2d7e8e1459d86749431b3a83c88203f6aa1d1b3bc4cdbb74901447fafaf10cb9f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
7238ce3e0c7660de5dbd864f8a74e497

SHA1
a94895e4b12164b8381d68a71dbb47cdb9c01fc5

SHA256
798b728fd95ba43bbc7730834c15a61ef189a2e0ddd6751a222bfd27b47a2d84

SHA512
c38d4fee96fb6788f11fcb2aaeb6f888168810e012a04e5bd0438245ff03cebe74eb4f7e28b552a17b6bc85561ca5a27e942b412aaa547172213429b3898833c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b80bdf2a218576371aabb4456ef687dd

SHA1
343d207c8cd87be133cff71e5770bdcdd436ad8d

SHA256
ba2e736fd318cdd5db38fee80e6a3476b42a1a373b28e9565877a4ce1ed454b9

SHA512
b71581fa7fa6e5109ee930b7afd0471daf7e493904ff440f28fb1ce1e8ff444894a3e57af3e3ce6d58b1dd8f1da9d4c42192640ce2e5cd6a425f850e879c3e6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9baa083081b11fdbc9b007b7292d37ea

SHA1
a286c895085ae92689aac368bfb2f140fb17d25f

SHA256
082c17efa5fc9637f9d71cea5ae3c5f7cbfed57b38d0d8f2fc2e3a047665af53

SHA512
8b85e66f1c5f04e1b2228ae012ddfb8c8005552d4ac266499cde238252afe778e11bbe415a2601a6bee6c9b5045fe339cf654daf6dd202f1c365411730fb9bf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
11eacb6f59cdbd887f54aee9c483cb57

SHA1
d64994bbcbd9ef9621773542d7f2d1f3c715da1a

SHA256
1fba9531599f4bac5fff4fc32608581577247a8811ebdd95abdce4c7d7effe54

SHA512
06de45a88c4a9da74748e0cafe1ed50212b83bf9ef62870fa53f680dcbceec310d1acc99d873854a849160ef8c1d946c0b6478094ab6ca3c2dd1123ee5e3e01b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
e2c359236904498438f2bd99440ac4b3

SHA1
e2ba8f40e459ab5ebbb3219d86ffb263d6d17de8

SHA256
0c1783c66f7b608f0d348b8b34771936411981632f71e0528262e46cb834646d

SHA512
0737941644403f6e3b5c89eeb77991a416e6efe5f56b8f064e55f450bd7ed62880958726af0073d334c54e5a07c505dfe6e3441d3611cab814357debff20d55b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
dfbc8a0d85fee5582a54284ee2f91c9c

SHA1
b2e987709a8fa4e89a21bc100c0ebe3904df9c9a

SHA256
6f0e3ae48ec554458b173cdd0c82cdc15f303a289567db0b8ac15117b6d47994

SHA512
cb5f4b1dc1fba8b49fe772da5c72ffccf858274b079a458a62a2797bf39bc7d9c5ce29eefd752dd985d6ca569a99e74ad39f8cc32cf52f5a7717710be46fd91f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
78f1e6ff106af326f6d3fa477cad2564

SHA1
e00ab89ecce1bdc12a26add0e8011f3e3600dbf7

SHA256
1888008f6565f19c6106647ec67ad90f7c7ae381d430df0c9171b823c781efc5

SHA512
98dcf93c21b146bf831bd7af365a7c2e5e50856887eb04bbf313aefff771b7e78a2fdb8f6fcfcbeed6a0ca0f8dbcfab0a0fda0637511828c6ffcb54c6d1457ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a40615c13a26476ad8874fa622275f0d

SHA1
fb7ba3975082a8c9a2245ad80b38725682dc1f21

SHA256
cec0aa23de63c6bb7dc610310e37dd45f15d49b51799a8749ff01e5114b655a6

SHA512
a558434ba380dd5e22591f5d8cacee7dfa45cd9c3df8be1cfb3b0b8c266da4f17feeedff1d09b641036bb203b7b397e8839dda67b5705b5ac405c0a5c03171d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
8c0deeecca92c25beb89189cf0f5be9c

SHA1
172bdb57d032fd97266c54e8b8c762457dffb5b9

SHA256
42b9423ae446e8fe2a2dea71fa938376d28290748330bb08f2fccdcc8d620a04

SHA512
4e65df18a72e1fcc17d83d7ce18f403ebf3d4885eec815940767f9f9a5c4da11d73f456b75aa264a6184c12ffcccf94cf894e9e6625c9225987a67bf7b0dd815

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6c555bda6bb63fb49ba7ef77fb5d77d6

SHA1
7d6685797ed49b29fdcbe3904761e027162c82f1

SHA256
172359c8b23a664cd908e32b71ca9be0020c773225857a9f20b8bf24e9390ca5

SHA512
43e02420aa141ebb7ebd32af4ba540b7441fe1e94c0d4d3038b040edc2e2265ea1b77eb5c648ca37594198d0552ab339ff1d5614255ae6416464f88d8692ec61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
73d0c4ac8863f103bcd2b7272aca8691

SHA1
97efe0ba640331b46dc7058304a288365ab5c7f8

SHA256
9639105ddd9f67b11f8f8c2f2f841b34ce096f26ee3a692543485adbc78eae89

SHA512
76e48f7029fd538e28f797e620f6b7a14d8e58c22e6b87a645dde6ddb93b4ec42bd55fc030f8299e34a02ce055638bf532f5dc64d1397c08f9da26fe41bee89e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
75def646752cc397bed7c7e5a18e431e

SHA1
b7b14c57f9fcc5582392107fc944c56ece5d1f33

SHA256
8e28abe8b9321e1ca4a0fcf9a2a46be0ad4bd0b11fb48825d7af49b5a6e6cb1d

SHA512
3cf8d1c4628a0ba709d3f29f87dc9625e2e6a3fb3deea31f2793bb4800f38c551a67e293d348da05221d166f4f4571f1a93be23340090e6166d92e986a44cd73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9e370b8552496409809b7c4ca4d6c5c6

SHA1
9aa62f01e5d67f30927675426f1a48da386dd4c3

SHA256
04e62d6ab3e7dfc8459cda7bbbb1915e573ac12de068a4369ed4dca32e92e0a5

SHA512
482dec7658fa057a3ccf02e044bbc2207418ad51e2dee60ff7069b1cb7eea644191fb43aaca7f1b3a61082821cd16227489644562cb2ee78dacf5e1d39aaec9b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
5b93d64a4c11633299d95d0ee8feeecf

SHA1
90e32a8b3f4b02b329de3a5605115cd2dd2d3e0d

SHA256
5a1f22f97eeb0f1a2ae5a6ccd08515dffbbc3ee4a6463d8744b0034eac5fdc23

SHA512
bd237e23fc492975cfbca05e0a9bc6f8a3526828a145b2e2b712f075cd1458ffc66018e7e430199a2ea76d3f6f41628f0c86254088b461f2324e84b695ee9cf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
451a74733dac415d359e0d18f390eb61

SHA1
af6b0012f2d4a4b5be7c103d0cf7835d623a8ec2

SHA256
2e5aa50b2cbe1a9fcf56cf5711a6a6a9c62642d6059fdc5733dbec3dd2ceb1b9

SHA512
db2729fe0e194746cdb84430aa84b008bc5e25d100339067135a888d9756a30ee409bbd807b2c950fc4be009bac6bcab7bfac72bf9bb6fd9e6ebc0f879f5fac6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
f6a72afb4afe1a58c741eab761c288d1

SHA1
fc159ba359246433a5628ad19f49acb62df2b57a

SHA256
8a7178c0f2ecfd4da174e59236d2cf8b8cfc250f070d2a280118925c18d4fd11

SHA512
ea50fa706ab5c2959095e62e0f2a03e2abce867b7f5cbf0475cb16b2faa49ce28b7ae9254f34f3d0346f4be3cd4e81033337dc91524316233537e9506e6adf04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
f204ff05930d8ee467fca57b1d90b0f4

SHA1
3033645c2b8a0029f23693211517d410b14711dc

SHA256
53f6dce8027e61b883f7291196656c8e8f58b7527dacc6e40d8af873e95bd287

SHA512
0c3566735dac199d446dd775b93c093e3a0558f5c3aa499bcc26a296d13889a487f9845810e2cc110f978e72bc49111fb3d87a471dd0f08c5c9c440dfa0bd333

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
670c769d9837fc5871c794c70f732aba

SHA1
295d5b99b609cf532c4f3ddae24a5be2c3a995d1

SHA256
a3c0dbaf5b2e1a47123e5d6a488d90451e1d09b4c9425d35db43bcf1895c6ccf

SHA512
8064b25e44c9e752efed3ca3a5e616f97d9c226af8e7be8723b36dfd3082d466c5c46a5aad8fed65059aa527248c4f4dbd303c399c9298324aa03a30de486297

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
aac3217928fd84e44af37bfab6cc4ae6

SHA1
c3ba7079a3fbca116f1121540c749c1e930b332b

SHA256
7925acf5c8cceb75ac27fac6cea0cedf2b24631339c6131c2a37fbaae68158a5

SHA512
0008eeeda7b60f29983527a0f65d0df4de48a9c339e7a01b927dabfd4b1039df023eaf4222e1844974930fdaa41764177f8a5439ed467bd6256af0d97f380b5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
268b28507198b66f51a5deb94ed56494

SHA1
c94abb1da2b80f0279f2a0973b4166edcee903fe

SHA256
a00daadeafb5b8595805d1dc812307c8f002cfad741991f6cd8bb1146932ced7

SHA512
1f09352afd47ae262505cd369b5548a10a0f8198e710e8e87b93db7142d2bce85085b985e8c853a6d2982d9ada73ab5c08b6501ddfa5dec9e1a48b6c96e40f8e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
178e3d6964bcbec9e8b12817b4d0022a

SHA1
4345bda396af0ccb84126f7a9a93fcda3b30560f

SHA256
f2fb3fb91f86d8e55d3722f922c808bc6a047fdc28275ee9c71dc4cf8592faa3

SHA512
c68ec46468e373030fce546dbb64fa169bbdde9a92bd24c3cd5da7d60be8460d8b638c8263da128002a7c74a30cc296bb16e1128bb1477df0b182ab8a24486a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
3ed6ff7e5640fc59c3c387f755c34408

SHA1
8c1d818d3c1126a3fd321dda8b05d87eb599f521

SHA256
ad252b7c3159fb49afd63a6564d52985b8f822a65dd2d734804461af7fff7e33

SHA512
84c61c095dcf18784863d1d8b509aabb3716e5ed1b9f65118d4865b382369b3aa06706a47847a924a512ab1103b2a666af3f067267a46d369627c4d5a48f5ff3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0b9f1aec-290b-48d0-8fb3-4832ce196771\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
b6f48def1ad0dc727f479ce8ffec8a6b

SHA1
488a3d7c23f20d7c90d9cd3010d31836d67b4028

SHA256
88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec

SHA512
ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
2c21645d8ce4a0f9961f350874914a7e

SHA1
1490bc433ba939ff6f739683c3744e69cd419e9c

SHA256
a434e2db024f9449a09231028819ff31ea0c65afc89558a9705710809c896b65

SHA512
caa45916182dc78670e6fe214807ecbbf40b8fcee0d00e11e430e63457be7b08a6f9b57e1b5cf3cf383706e4f4e7910a60ffba8df8fc97380095fb66ef40221a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
38f920226981475aee4202268f35a166

SHA1
db7e151c84a8cf2cddbdad9cd77334b9b0ba29c6

SHA256
765874297e840d20b40b8387125cf8ade458565ad56b9bbea5bd18604ed25f02

SHA512
e316147c47544ffc3ae2fed9ab05d4b7c37ee223c972b48731565e375c6681d4ca2febe7d4cb01d8aa48f79889af507f3edc81613f53248b76be1aff1e91dca9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe59bc03.TMP

Filesize
120B

MD5
a86a84f9522e0aec5aaff5697c2195b8

SHA1
a08d8025ef1ee8cbe22c625ba2909d41e0121444

SHA256
3c1e368e1366b2517f326e317b8ecb9ec2eea4de2ad0ed42aec30d93702d8702

SHA512
c66552ba16bedf80c1bd4ab404dedbfee7b5a4c878c172e5e6678f02b41395356c3afed7daec80d748b205e04ccef02abdc657b5e8762d2f49e1d7950082037a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt

Filesize
105B

MD5
ebf4a0c3863e0e901f4b201f38cba33e

SHA1
69395a0f5c5493b3b41f36fe0c3172101b221e44

SHA256
b2a9a9eb2c12ee38e5a3f43e0a72e98afdc481cb9e19d23fdf133d1a8c8394e1

SHA512
913e2b24c00e7b34e30e27bb4ea68b69e8260d4bd9de6a467d1d78b61e62472cd04b1c435254ef30684df4afb5e1359d5e0ef52a860b12c864139417112560fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ae689a2144e9e24bc49282f4757ca91c0bf7f5f1\index.txt~RFe59381d.TMP

Filesize
112B

MD5
9af5d097040d052f1d1ae8cff21f6576

SHA1
6c9700cbb1c0bae2137abd77803b124c046b1dda

SHA256
d61a10f226c3db4cd7966344e9753cf953b8cc226f060ef7eb335c33eed06d71

SHA512
e311b90d1fb5cd0bb319206677281b571522449cc47a297fd8975d50ac4995e281ba31c8d16373b0a88c48c5eb8b3cb788afe1477641070e3d8dd26805bc132d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

Filesize
7KB

MD5
1cbd05e6a4a645dabbec0782f69ae823

SHA1
8779ac8cf1fefa2b36c5da73c460afafd86eb031

SHA256
8a7c571ecd245bac32780c87ff5d477d395428b4dbe95b2dad1af1dd34ad407a

SHA512
163ff8495eb353dbbe53efe5e94ed1bc26aa480d09402a214de88bc2651d23564bd5cf5f68165cf0b92ffe5082c98de310041dcf15ac1ddd1f11eb50e3a07559

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
77KB

MD5
99328b444da048ce1aea10d2752fb58d

SHA1
27959cb1219e66970bb539bec993226e5f66e747

SHA256
faf75cd48b17dd9e5eacdd7ffa04f988b410cd478a7abc3297278c51fdc0278c

SHA512
c036166dd320b80877d5aceeafcb72479e757f30e61a59ba6060a4bf0bb8935e5c2d6d65c422a76baa37c78e3385f39f24d25f47aa8cc839eefb40642cb6a2de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
172KB

MD5
dc15b7f7287ea2bdbf26a8ee6a8d1876

SHA1
ffac3b6426224719253f661503b23b9086c56e5d

SHA256
5beca64ae74823ae62648ff4fcb48e4e7b565f26ab45f01304a29eea762aca21

SHA512
8072021d9ed85845fa05c478bca254ad1f4ebd19a8d0cb51e16760a020518cfe2105b50cfadf743ba59d9b2f567b5f2b7b655b629ca6f10bc32a342689d89f14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
925ce8196fec89e7fd6a990269b0ab3f

SHA1
cbecce3b292d98f072874a215a2424db0e269128

SHA256
61df867d04a2e1b8dad261d8c2615d7dc16f09826d26f9b58416b67767dcb1c2

SHA512
a9ed1648f68c2d6003599f6363bf490061609ccf3f72dc869155e68477a800ab08d1395662a8283b8faa2f06d87ddee5eae40102e3eaac860b8fdc8eb4d514b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5983bd.TMP

Filesize
48B

MD5
593d5244697f1bb6dcb8f5718d92cc0d

SHA1
c210868eb20069f8c0ff9ed1dcb4f1212aed3cd7

SHA256
a817f68b9d53e6a862f7dd58593947c50aa4151e06cf0fcde8fda3cca46f9037

SHA512
5cdf99855203cb752433c1fdb9e33c8f0916c56eac2ba69af401da101cc74028e8c7f45a3ca60becb3012683bbe49d109e9e897423147588e72ff6669a40e6d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
80afb5591a9bd33e0bdf71e33f980e16

SHA1
a04652080e01764c10389b3b3b367c2d4b58575e

SHA256
17ea21e25b11177c0a74901189147a1578b5b3fcd4ed67e450201b68497224dc

SHA512
b4fa29c7f619cd7ce02ba0caacaadd22c127553ec105822b2b9cdf5fb737bbec9737501572566f5882395fbb93eb70ffd8da7fd8d32d51772a90b6d6172c5856

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
160KB

MD5
ca7a3d219e5a325be49a16f810f86247

SHA1
8038a649c05f12342e8f5d6ae4413f759c58cfae

SHA256
f8bf1264ef3943dfa91e144fc51a06693e540ac8f34b1e1ed0b6e21f0071d6d6

SHA512
2ebd9c4f48c959bc43d91264443a1e48c2241290a8e4c748d2f9712b6c1bf06350aa280ee1c5090846f6a7240a7783ae8fd407448dc5017c6e3d1500080c6cd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
9f7b64e47f508976ae2e248467145569

SHA1
5a6dd92306b344d807c10cc6f97c7650583d9cd4

SHA256
dff5a7aea6e1f713708fc17496c6634076961f84f59f3f2245b297162cdeaf60

SHA512
48319156c17a75403f01153aef1ffececdd3d2f586d261a574022096974f57fcb08e286b13703afdb0acc5e47fed26a1c559bd6a799f03bff8d3332627d052ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
65fe3441521fcb5c23158988056a40ae

SHA1
23f5d62b4bde430e0b7b0a53d5746882b11bce7e

SHA256
f3f1b874b73d09188f91a664cff66fd5def6ad4625ef89cb252a8179e5c05d52

SHA512
0c18e8ef60a3001906b73f2a8bb0dbd87a06147020db07b5d02559aba8b0372b7f4ba6c364fa4c001fb3356ba2a04cb5fd7619ba2d65248af08356744e19ce3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
17debcf86395edcff8d54ef4b01f7c1f

SHA1
1fed401e943fd32c511070ec86f0a1c9286f60ef

SHA256
e23a8d95177b6ed635600f5d56c1ec2ebb50285e4bed5e9f381dcd17580b9ab0

SHA512
1463c319b4c49e93f9c0558b4ed8ff5d1ea0802b591c7898c6124dc54b29131ba1e24323b12e22a8b6c5a9b0867464a2e084fccea078f1b82f1cfeb64918c519

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
868ea865f4f6b025a439de4d4f575e44

SHA1
368cdd9a3606fc26879ededcf7760b32f125206c

SHA256
b519ca14e28d0dba64b5bb2f694c3655a549d3b249f4d9dbc39c22ab9700be93

SHA512
e14cb1a063ac740eac85351254aeeb3d93274f9b3dfa2dee309c8c49be8ce864f66e3a27fe6e11e103b192ff879a865b66b2594a0a7a73733e2df76dc74c8a6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
551fa951437363002c24ef1221528040

SHA1
eaa2f08c01cb048d5670bb8c786427d137d99226

SHA256
8f332e53360eef5fa68422b8e97085890c6c3bcd52c567e0e4d70aab7ba31b65

SHA512
47adb09e0cc2d879646159eb09f442bcacd545d174f0da7ae9cc8dbb0719449e37c12d67d9fed1c0009bc0960bb1a19289605ff8235e33843e2bab131bce73e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
c49ec19b35b12620f82fbc64f4506c37

SHA1
8da9d734d1030875c3f4335cca5ecb834806610e

SHA256
fda557312e1b9bfdb2d2d3f458b4bb1f64be3a9c40f72a51012f53f9abfde9b7

SHA512
2c1a2a38d77f03a5ab7f928427a45c6a74fd92ed6dc6f9172e9e99efd9716814afcdee6ef0efca8635d92ec1c8c51e1f461519f4e81b179d8cc7ec46633f2698

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
d9231074be804d856814420eea789dcf

SHA1
380aa4cb9223c4c51540b873f6d301baa6328445

SHA256
e472bc1bc476eeee6b5c2f2a60b684c3cc2613001a229cd255960fbc7056bd94

SHA512
fc9b622a042fbb6bcc63a3a892b42edbeb4c41e104efed05efc45e15aee25fd434daeb3fdc57332d8fd1a0e854a723fcd4707f7ce0e801ceca89cc181a3dd608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
76dfafce8991bc76d05bb9647e94c007

SHA1
2a7ac5c190d8fba3b819ddc87029b696be0bd927

SHA256
cee9ce29237c411e47453eb3b793ee170fa01c432739d7f15e20d3e63ec3570f

SHA512
3d6ae899bbb05fb8f34617e04bbfddace34cf32b87a08a0d4c03a008383df9d1763bd75a00c73b99f9288d979e88af12e9c1b90ed232427bbe07cd8675f3b18a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
160KB

MD5
efd03df790733c0698a269673ddfe91e

SHA1
3bd6e9354b32658f041e383a8ce11b2f38199070

SHA256
ce32eaed2b0213a20a65c8827d97cad9be3fd5b60871eff063b524b821c30926

SHA512
02cd07bf720a1635c4d2a9e6e552be2a71754d1aa5221946564fcd430db8c9017341066bb08cb5db535aa391fc3a1569f8b7da7bb247fc4a94aff11200b0cd90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
f2dd9cc6b9b7df761e6195c80d3a18c3

SHA1
d8eed8f0ac0ef9c35aa5f13f15f3c43195fbdc06

SHA256
92543e9e5ee1983d1fa4217dfce5b8425658567ff7a51d60bba3e42079d57b7c

SHA512
46c76e9a875a0fcfa080c1481bf79e627ff0513936d90c7ab3735757cdf4af5c16d6df1fab7c4dff845ed5f09e623e9382ca6f177e3985a0e70f30738f505c5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
3c1d3659d87654e3934e8624cb11ccd4

SHA1
1724180689889cd1c26deb3af9ea48bf19a5182a

SHA256
e1b46ec65a6bb0cfb20e231516eb5268ab022d7d009c44546672e19ca06c9e1b

SHA512
1d99a65b0307c6d902792d3b65d1a47e07d9f41a48463426d7ef147cc2f5a5ef916f64cc466cb0bb2d7b508329f7102b7dfe94b9f445c74651e1557797128887

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
292KB

MD5
dfb6b8f1d76e6b0043e2f89efdcf8d3c

SHA1
683b91ab96c6a9bca62729d2b2bf04a77058f3e1

SHA256
4cc708018dfeea707ca04ae8619f22219bf14daa218a2c0af767a323b4cd6e25

SHA512
b7280d2b8dd5add348b936cbb95932db4223e0b0d21c6c6fb01425549c40c355dfa2cfd085f981b91090cb746e31310423ae4736b49447825f7124081c3147a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
160KB

MD5
2b869f05ece0e9c4a21dba2a039f62d9

SHA1
997c38566a1c10302539d31da2ed4132fab29760

SHA256
e327b9b0c8717d1ff0b3fef4967d6793c143d371e0721cdda00a2697dbc07fb1

SHA512
178c7b3734a075a35b6c4bbf8f407d6e887c3510e51f5fb40ab69dbd81925e0131a2fb78d75eca5e9bb4f676931bdad8b782288fd872f49391225ebfd9127f00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
a7acfe182e00ca971eb4925c3b2c903b

SHA1
e1f995bdb320486657e3c4799ac858791844f11e

SHA256
43527234ffb34d84f54f9ade4ec61c995df882fe011a8e32e311e86957dc1539

SHA512
ac232cc63a3d1c56ecf3953f7654eb3efa946c3a1cf586f0312a904ba9aeec9cef5a7111d3586af933e15c2b4596b03bb9fbaab9d944445e71258d7a77dae06d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
107KB

MD5
9eb16573f3193e06bfdb050409e9db32

SHA1
a3208bcc859a2c0bb3a1c3e9d844fee1def7a189

SHA256
adfdc9ad52092a87f2cda77b4cc01df09116fbaa353e8bbce6443e0049153a9a

SHA512
7401f1f75c01ccebc565302bd6406ed5649371b56b809a6178d521fc9a6d034167746e3715457c7b51cb0e4329ded856e873eec59756d99836e15ba7ec553100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
113KB

MD5
136b65ec7b4a3f46670b42e4c52c3cfd

SHA1
0e0ba325fa4856f8672b26561deb220623e56b14

SHA256
c03ca555037b5d8682c6852bcfb8bfd75afbcb186956cca417325514724ba3b7

SHA512
ab44e24761fb213c6d05891f63e1c26baffcdb12a16f3241ca2ec844a245d4f6281a98fe7d02148c23c406dd1889edd61b165dbe911edf2f2639a114a1a367da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe590640.TMP

Filesize
92KB

MD5
309a042462d4124cf89b90c25b300a69

SHA1
8fa6e3c528ba6e0a6b7ffbf40e476697cf9b72a2

SHA256
73d290e5e659f83236384bc32517d4004693f7c6f607ab845d11fa03d42e433d

SHA512
d56dd38880ac0aba3e981e45896bc883c280ed86691dd31217fbdf7602e54f2fbcb525dfbc5713ad5cee4343fe34f25887ae82f6d185554a7e8a31a5e97247c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
026681ffef7c6d525b0fbbedac616f7f

SHA1
83c7f394533e1d2562a2ccf722d71aee7b76a40f

SHA256
85663641b3da1c251176116db9f09d0e9385878c4fb39fccee2ebc1d05a906d5

SHA512
48ec5a2ed900ece3b2cbe8ee80f568886c801c40aefc0f8d022bda58653f65a58c82dcfe88cd7115b691f94186b5107e0600987dba0002c33da6cf485e2f3429

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

Filesize
14KB

MD5
3b5d96d4084bc7ded718b9f7d431beae

SHA1
314bd11bc0c2e92fbb0580c964f5635c5c014a0c

SHA256
32660fea9c586332517aacebaa0a553dcb9e433b97c5020c391e6e79f2990e53

SHA512
ee5101f293e49660c76f89d954496965c6fcff7ef08a56d60b055bc23b9e4cd38c5a06154a57c8424bca4004d38d90cd12e3d11cc5728ed6c9e0a7279f6a2a15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

Filesize
14KB

MD5
b60788ef6a57a82b271f51cbbdc3a40c

SHA1
aad4dafd31d09966b03fd8b8c5ff9dc3605049b3

SHA256
862be43044be77dea8d97e264c2e2199e81b577f52a0a43db62162fc093eeffa

SHA512
4eb8773ec71b827fca78df8b53d8dc522f780eedcd033b2471497ea64cfe1951f0c8715ddf649aa1f3d6d8cd2b2e6562554b08b0e9267d6c7681766ac4ee1d2e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\WFQ509M6\p[1].gif

Filesize
42B

MD5
d89746888da2d9510b64a9f031eaecd5

SHA1
d5fceb6532643d0d84ffe09c40c481ecdf59e15a

SHA256
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

SHA512
d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c

Download Submit
C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

Filesize
168B

MD5
ce86358a6a27f775fdf8c1a7c88d3864

SHA1
a40c94bf83a2333236e4d156a9fff04f42996c8d

SHA256
b552adbf38ab388ca41489fa63e3a110807abf38a73bfd42516d2bbf70393c27

SHA512
ae45e7bb2e9545889caabbefb0268b0d0f9259c2db4fd4201f109c6983bbadf6b88c2f8ebab45e6e3d22e27aba55dabe3fb5940bccacc09edbb1efb672fd4ec5

Download Submit
C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

Filesize
302B

MD5
7d46514e9f51c73f778e20a1482e5fab

SHA1
3ad3cdd97d36fabd22bd508540eed3769de2e54c

SHA256
d373dd91594c6cec4ad0f4ed76914e0f72b3b90b337a068739cb580de11ed3a0

SHA512
debc8b9de57c25554c2a72b179f9bf7c9ef751a4f50b26c2e1833478cd26cb5ffbc778ead0d850239889e95540f298afbda7ff4db834ce3f7188d36fce986b51

Download Submit
C:\Users\Admin\AppData\Local\Temp\evony_httprequest.txt

Filesize
440B

MD5
ec6f836b9a1ec0167b3956a2e22982aa

SHA1
e0859bd4cfe85c74fe892e537c4a23ec841065ce

SHA256
6fe3b7a7833099a9c4da1c0657172a32d3508a502109b78030a5de7e454ad21b

SHA512
74498d3c34c640b09c003f8fd8b14ef4c70ca017a8e39c21b2ebfc88e0db93ab09a42a842e3290fcdb486968e892de240b1c01d71fa5ec37845856b53d631bb8

Download Submit
C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\System.dll

Filesize
12KB

MD5
cff85c549d536f651d4fb8387f1976f2

SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

Download Submit
C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\inetc.dll

Filesize
38KB

MD5
a35cdc9cf1d17216c0ab8c5282488ead

SHA1
ed8e8091a924343ad8791d85e2733c14839f0d36

SHA256
a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df

SHA512
0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

Download Submit
C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\nsDialogs.dll

Filesize
9KB

MD5
6c3f8c94d0727894d706940a8a980543

SHA1
0d1bcad901be377f38d579aafc0c41c0ef8dcefd

SHA256
56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2

SHA512
2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

Download Submit
C:\Users\Admin\AppData\Local\Temp\nswB553.tmp\nsJSON.dll

Filesize
23KB

MD5
f4d89d9a2a3e2f164aea3e93864905c9

SHA1
4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a

SHA256
64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb

SHA512
dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad\reports\7638616d-554d-4a32-b1e2-505ba0bb4bbb.dmp

Filesize
1.9MB

MD5
b83bed030d788e0dfe310225eaf4f424

SHA1
ad276a4de572c40642370198a8eed9db68e3f423

SHA256
c9c44ce0fecd407b632380257040a6b7a89f33c189d6cacf4d7e71a672bfb8ae

SHA512
2ee5e4f4ef512186a9acf1eb5037abd8eab70e9f513528820843ace6a544c7881ee7f4dec0363de63f6c93152005896d271e68c2a5a9e748d86d2b33aa015364

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\1fc01653-af70-4586-8a17-f0c7e830f648.tmp

Filesize
148KB

MD5
728fe78292f104659fea5fc90570cc75

SHA1
11b623f76f31ec773b79cdb74869acb08c4052cb

SHA256
d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20

SHA512
91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000008

Filesize
516KB

MD5
cca340197220e96581d6aca8f94927e0

SHA1
f31cbc430ed7661698a5b0e2ef63c2e0716193ea

SHA256
26f2cce66aedc8daee96aa03a5f980ccffdbc216d2e7e5bad81d3a5b5d8e5c5f

SHA512
8091dd259e2fa23877d0341bedb3afb9a25f94669309e2c913bf2b9a4e769c35759bfdb6b0e4ac8591231f95e1187e86b15e60db6220f9e7d8a11a370325b0c0

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000011

Filesize
1024KB

MD5
15edbb4d85cf503917a877d894fa0a18

SHA1
45b9165e1a659c3aabecaaf3ef8672f10541ee17

SHA256
6b99a2c0c946d59d80a1d56f795c61059cec833c904aaf6397eebd21d8129d8a

SHA512
4dc82a722cedbb945177fde76aa5f5990f81aa6cc09988949340ffc1c7ece507508b6b5f239c22388c39716cbe4bdb48d88b2fde257b8f40cdfed695a060326f

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
18KB

MD5
115c2d84727b41da5e9b4394887a8c40

SHA1
44f495a7f32620e51acca2e78f7e0615cb305781

SHA256
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

SHA512
00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
805cbeee077bf486ede572fc91a67e2e

SHA1
cf24f951953239f00cd82520534a855fd1e0af6b

SHA256
c3eb04fa56a481b53f349fddcc9600ce3ca7cfe916ed01b9d465743ad0c993e2

SHA512
743188e06bf96dd6b59125765c887029c9dd6d4827150fd102212e0e0554a94ad1df22fd33fa06ff01680795c69ac014421788e49507277e9bd76c6c2c7a5480

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5cab1c.TMP

Filesize
48B

MD5
f22ce9acba6d3d65ad9f52f6466c80c8

SHA1
2857052352bb53d8e16b47f7d6b628e283c836b8

SHA256
9e92ab5810435f8859e2f9a394d949778a5a3412a91f2dd2c26bcbce2f5f45e4

SHA512
780fc9b8eca3c7a5386c00de9f34c56372360d8860a3a91870e1b86642705206e655f2e2978dbb5a083ce5536020f802dc128fe65ef141d409e85efa2c6aa824

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\DawnCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
a06b10c3198926942cd0f09c0784d20b

SHA1
feb988736dac6fcf4bec632aaa78686eb5ac1eef

SHA256
d6d9d2d8c7f19fac0db334b1e2a4ae71ef7341cb78027767b54e11542572995e

SHA512
8decb5c78b08b11b03178941fe5276907a598d9cfa8f031ce34c3611760582c21d56b54a7fa19b0d9971ae8fe4d675c4d3e1c6888f03e1fe9ab6964dc2e74ec8

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
5384f90aec3ed5959e85b09ccbb253a7

SHA1
8937f43c92b4d08c280a38e00a17b97c4f1b9be1

SHA256
c2d3df86783e657f5f2e5621f4797bfca4b9bd95a04b6677f96935b974bfd554

SHA512
02d9080b28cf2d8c159f48f14c62f42c328788703d029b17a25dfb4e551063c1d1397cc2fd40cc013ab6080ed37f9895d28ccbd3b9479bbc4ec9ad8902ef008d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
76c898b609e4d4fda6266ff8395b90f2

SHA1
a6598a7bb0ba374815fb28e812bd119eb98e02b8

SHA256
d1a688aaff3d973c717d422bea3d6015d9ad8bd735afe9131c17057f71fb0b46

SHA512
a1df29dcbc533d4387696dfb3a6b5f44dc148049fbf9c396c1a98fd5529eef9ffe5b337e8b78791dae2551abe45a2185f43c7642df6e7a27eb724963c8ac2858

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
11123a39cb54d92158f07b13a3c1d7f6

SHA1
5fe5139407fa98f4159d41807d3ccb8790077305

SHA256
fcc68a0b7610884ca437b2fca7aa49790ce84fb571f76815dc91c5cdca0a3ed1

SHA512
d3c5ac4ae1ed7f43f2b2a5adfcc251219a7d043c8ac92f2ff6b797d7fbab5d290977006cdba5017f88953cac04f32c9cd613c9be1f9048f708205915f9762b0b

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
746a8e3801c86afb47fbf6ee11d2a8ba

SHA1
e1cdafbcb091ef4e28714a2caf01999f87242079

SHA256
99c549f56b1a97744e93781c09d2eac58cd27924bd2b53c10451800ace43a80d

SHA512
e9335796edd82d410a9dad9139435967c2f078ab9c688ef8a654d2b88aea429a8ff4d4c81025514f485ab083983d684430f14e9613ff7734c9da83df360a715a

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State~RFe5d644a.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
fa27d65e0773ca2a762da6838f294a5d

SHA1
2dbcb6bd42857709543b3f4efe5663af148c0e2a

SHA256
d2a7525472260eca1d48b80ad38bc218edfa3c397aa866d1268892867eaf01f7

SHA512
b8a42b3d3c8858b0dc7b480f4fddad506e2cdf5defe4678cf1580a2d5c4c418593bbb2e8dcd88fc9035b462e8a8d1b0fbad7058a3a78875c83fcfbc899801c1f

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
bc6cebb419030a60893e339b618adaa4

SHA1
74de8e9ddfe743bc6fe97b69ca0d8afdee385a49

SHA256
37ccccaa346f8bf71a1400c3b7452c8fab1002cbbcfe797983bbac24d9fbe2c1

SHA512
ef02353aec1a1b827d4286954a73f7faba1b839b270b7e62da1917785a16c52f9a92af1f7e8c8f785bbb40a0ea53d1f207ffd540cff77d471e64c0e25f6119dd

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
023ccaa3c44c5125dfbb47fa769290a9

SHA1
b909d3869a9b84b058abe399dc349ccf6478a148

SHA256
77d93d2ac80ed3b071eb93c6cad400fa2b75681e65c9fd67b414c345c5209f1a

SHA512
23cea5821c2e28539dfa534b3233e2335c2782887a1a3236181dc6ee8aac9891be671dca8ec76e7a8dbfbdbfb02d89fa31a61fb4c0a5eeed6392e68f4484078d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
c76e81f15e975473f0c4a92cdf462366

SHA1
654e04726f2bd407ee2c23edc030f74aedba24dd

SHA256
f80af479aabe95f41c61add9259ffe40d6bf4087b1c62eee14465ca3abf8a142

SHA512
f30ed9bfdfbe0dc5e9d4c6e0727490bcd973df983bfb96836eb494432b2a9681416390c4a8292dc014ec2b03d0aa15162ef40c3801ea7d0a3e8cb4702b486b3a

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
4c89e8a517b95c2b9e91125b624df7ce

SHA1
ad3163114e1948cd0d5cb18c099c56a20241827e

SHA256
226fc78832bc2f61ff0bdc00eb170e68e3f3aafa06661b86e9ccb2f473adaedc

SHA512
345ebb0b3518934b9d835be600ba2a0925ea7d6cc208f60b1bbdb8ab866d715e40bb828e95afb9d4d103aa22a1eef74dcfded91a1cc6e276c4ceaf0d64d4f547

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
210900c22270c8b02a30498aa5e66d73

SHA1
c1b00ad4cd27acbfd4dbe4bdb70e13d82844a6a5

SHA256
a549d1973236fcd2482aa2d2aedc069dc5e66b4e98fc4f88cfe5477b84eef7c0

SHA512
4c8533cf0d635e3985f7e130b10094420f0be2837ab1ba09a557ccc4feb446b174f1ef2af34e78162ede5b0c1e6db29084dfd427310f3c01af03842a75bff24a

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
e72fb58fde5f6e84ef87617896ebeb4a

SHA1
06d9f73f03af646a6e83ff6597cd04d2790b462c

SHA256
8529f016b103bc7cf9261a439ec4de8886e2a5b4f36dbda22dfb77ed40200dfd

SHA512
3134288c4b292778337b5a70a6a50e85789df46394e13c8de40ff27e4aa779e9fbc1f1f572d546dcf31a36194fe723e11dae2a6800c9c744291efa6551ee408b

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe5caca3.TMP

Filesize
523B

MD5
55d3879c79f0068ce1b192366ab4e581

SHA1
82779293e4e3b540e7046d28db16ee9d70dba3a6

SHA256
83d69e9f47c0ff06e125c2bb8533a82b9bacfcce26b849b5bfa92be3590aeed7

SHA512
c8b411c374035e9ee15dbd0cd348e53fa05d01c88f25cda17500fa379caafcb1e2a3fb854c01c2d01fa61cf3faa2368a45f1e10fbceac70b5924c6b5f63b63a5

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
4KB

MD5
f7a4108e5ff405dca203de2806d89cd8

SHA1
f4ea8e96274b1a3e7b6729f80576dc9ea3f1bc4d

SHA256
a595f7fe323bbede9e0d693c9a04a05065a1e877f2814e5f9ec4c42428fdb2c3

SHA512
a10972539d126a5bcccde4087ab643bfb76cc08dca23f14fb65bcdc78e7e1b00c3c7e34b18defbe04637307dc49ddcb769935b0457a0688958635ea2f2a8ad7b

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
3bacc68fe67d25d179112756420ada68

SHA1
7a11c36157d0ed1578c1bba868864ee2c6dd96dc

SHA256
4fcd9fec7448e43a6690463d49039a8e20d0db9e4f931b72f1685cedc03b929c

SHA512
3e06f56f0bbee2420987d78ce1a67b6f3cb7c7749ccf8a9eb5b5fcbd8d102fcaf3d0e9ef704ffe21a263a03c860c5f80a31b720a9f4bf890e600c13b6592cd4f

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
be56cc15c7023d789812697ba583db1c

SHA1
24302201d209423bfa5615725f6745126eb6b359

SHA256
cfc747a8fbb99e5a38c4902765ffd9d4cfc36eefae2dded326b256d79ee4a2de

SHA512
6e2d545bbdf461a1cbf37d4f738307749afbf2bf1b046e66e02a2c060a57ee751f64908bf9aeee8e2c718303e524c82c368cde43de9ed8fd55d5bfa217b97e3a

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
a648efee899f76366bdae894be72b251

SHA1
c3af4773c8cdcc42c88349e0cd37f4aa46037e82

SHA256
e1337243eb1899b9bba63e4cff2388e7292b819ba51ccf917f34c425458a1b5e

SHA512
5f1f69cc7cf0e91eb020d378560db4e6d2edd30e275e268410d6c9132467aaf0d3ce86857ed3b5357af0f941066e8e95fb8370bf6913d6d41bc166e66680f6fa

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
c1cf17ead6fcfa0e8337f1c85d9180b4

SHA1
4ae28cdf07919f4d12abb958e105140622abc819

SHA256
f9ab6f146d6ab33d6f06ecdda00c6454de77bc5e87db26c0b88ae06e891331bb

SHA512
c79a2ab25865016dad9a408d9e65c19f5a085311babc795b6f61b80a7cc089e1678404e1cd19cb92e460277de8d54b1f1daa2048dd6e78cb499228854129128f

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
339f0f01fba94eb38b78ef3b1b80ad18

SHA1
6aceb178141e9acca289065e54b4d975685adddf

SHA256
2c7ba312801ab41dd1c83096c67fe15cf6ce4330026fde5fb2e47f28a523f8b7

SHA512
382254940293e65f219111de899d967fcffbea7f314ae38ee9052c031e1d6821a608a30c9113abe7a57c1626914fb56cbf5e9fb9ae8f868ce5ab0fdfc4c73cab

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
4KB

MD5
ff1d85f0177225f1ee4978434f38792b

SHA1
088a8865e0a0defc449a074183826407aebfed12

SHA256
87a7d18fe7b7e3cb37ffbc9b09bd47353f28a2afbdfc6b45ea12839d5f1aadc9

SHA512
9e5d24016ba66ec31d3903a11bedb3e9a91be40735ec35123888575189382e1aa17d948379536a0b047132628b50d51dd854a8a6122ecf956a62506a6f04c8cc

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
e58a8b917d402de479c55be37d697e63

SHA1
cd0c637207528a8b8b8f9d4b1146754436fae28d

SHA256
e6cc7d44f215fe60fd054a07db99ba31876149d2313fe2a746f02885e6f4359f

SHA512
e0ca39a8d5607ee6f3f0fc998669d8c2b5dd93da6d9b2cda20bcb4b51bc36f79d5d6c7b6bfcfceec564abee4b86ee98f83a13eb11ffd783b29d15e22ef72de45

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
8d9b1463ddef4da49b66b3feefee66de

SHA1
58c2304581fcc7568bf73ee312b1abae03d8e2dc

SHA256
d464dc6c56047ba7bf7698b52fc55003f2055ead0f7a46993ceac1b9b2039973

SHA512
d499e39bf159b017b15c9b17ba91f54e1636768d0810dcc48d9a33e33b17aad60494f079319c9f8176160840f0018a465399ae44119102e40550089ff8eac8e3

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
ddcf153ca00ace4c13187630565160cb

SHA1
641e99f6ad4765d5b3a8772d088bd2fbd48033d2

SHA256
520238927e5a36204aa5e7ded0ca5a03109f547e0a86bbc9ac6b1afc582ae9ee

SHA512
eab3b805c6157cddf0215efbebae6b7b3172a2bb85ca230ff8442b6c1c253efff4baeaf533ac00ab6c9935d43bd50183a24e108b289a35d98fdc002ce41b7bce

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
f8325f4182b1756a3f37a9888a6d3fff

SHA1
5cb919aa5cc96f308f46192a57b12897476c721c

SHA256
90a3ebe79f0b41da8b8a15e71f4d1d6f9157c5d3ec8a1304834b0b9e5c0cd88b

SHA512
736f20e4fed24ebe2f86de3b03171f8c565b5707a8d6497616cbfa95b20d47e6bdcafa2b89a94cd29737f4c883beb6164620675968f14a24cf886365133cb37e

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
2e342927f09de9f1420321bc482f4ae1

SHA1
ba12e1fc2811ba2324360ef257e49c9b7243d7b4

SHA256
f18369954d3fd08233f18f54be54b3590c30f8122e9c21d08f60663f25b160d1

SHA512
b376b1523c7f1b2d106370de7e7b234fbad6d67a4ce300652fb1674ae11f7b89496176e71eda2cc770d7946c63488021d0039a6c5c2a037370e60c5460185bf1

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
fcd71147e0db9ca68ecb5cb57d765377

SHA1
58ce392e800cb221ee8ef3e20075b806cd621fc2

SHA256
304b18008337ae1cfe8584bf07bd333b3aacecb9d61dd7711b1f2cf2f08a9e81

SHA512
6852785d7e504e5b02448685c11a3e437a869ba19cd0056f198489e3694efed2fd8a737cf71a2995abbda13b8d5ec6d0111c1de9b3f06671471351d802d5bbeb

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
2e0e47e7030baaa7a929f433a9d2767d

SHA1
47d527466aca7abfeb5070a098cc88c23ebfa608

SHA256
c4d84e256daff97324309731c0ad72ee33ab7e46a9bc7597c561e93f825749da

SHA512
af8ee38dccd680e4c69807ca4e12232b6df4dd40d96beaa497ae87eba65bf59a254bcdeaac573d68657d4ede9ea47321d7e9e7db62c064d2e305e80212a66d78

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
ba669ee2cdce0fb1cfdfce3fbe3de3fd

SHA1
a66d54f92fb5699128d46fe304cb4c72c0ca00c4

SHA256
276e2707a6e478160c566e3ac2ec416c68941f236dde7f7357cc48625c54eae0

SHA512
f51ca3fe597ff013a34d896059e7016a0aef65dd92f42939d7f2fba0437d0d8965cfa6ebd63264324e3a8ac2da6a3c97dd9e80f3c4757f59dde5deb039341992

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
277bc300c78f30f659549c91542f648b

SHA1
3c1adaef625337087b05321276f000a9534aa87e

SHA256
ce83912fc07aec521cf4e833ae9102e981929a94ed592eb4ea3eccb2d9b0b650

SHA512
18a7c3e057e91fdd6addfd71f0a7e533cf0952563a9186f2b0f63e1fefab15f383397725a79f8e4a1bb6e1bb5da877792933806109178c9b7d948ab6f805e38c

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
4KB

MD5
43172c32daf9eb54272d9b1cb9fa7468

SHA1
9acf547c96872902768aad5eca9c631478422ef6

SHA256
71c7526c18d8dc730699c52a19c1ed56e8586bea095b926c124e79b791901851

SHA512
d807db559d88052971167f5242ff1f4ca15b513d99b80fff28e558bff8b50275b6b38cddac473537e8d66c62bc74759b4bf91faf3c16178ef494c18c988446ca

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
92a825ba1a894d382a3e85ef36422d5e

SHA1
7c1136a0ad0d6c20ea32cefc0a17b7a0ff6739be

SHA256
f3d3fe1912c35e3e5c7259a248cefdc6d746251405462c72800d8cfea22f1065

SHA512
5002dc2cb882e95c9a03baf1c2697ae427c2d6432a12e0b1032f00d2ab8cfd577b6e0d3ea01b099417314de55dbb8999e499588dd4c57210132b472dcd648a3d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
abc41d26b2d8e1471c721ddb1bbd322e

SHA1
f630b255e5e78a05c70f1c817e6e5ad0ef7f130a

SHA256
5153ce243de46407b721b10e7cde06a870efc47229c0ab6f021833e1380e37c1

SHA512
96198eb3d5556916bc2a8c9802c0cf3b216fb66f061cb129d58ec0cce9fde6e1ed37aad81b23c537aac376083e7e057e9b54a8c5981ff76faddde8f42f577c7e

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
6cb625606e1957c613d87d85e0b46914

SHA1
ff17e032ead5058517390eb54e3edc1c3d7e29b2

SHA256
7ab1b3bb0cc5d3b9d5f41c0008c61c6e08b00e90b956dfb05de26d2fc32dc83c

SHA512
50859796fb6f274edfcbe9ba0178b1351e4adb4f6ce986fd257800b73d41027b798831ff1405e1abfc147ef9c276a7b03197a46d001157138a24554d872f3d95

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
eef9a9d631e8a5fe1502a528aa5bec93

SHA1
3314b6702664a02151003ee9a909c6b38c68f5b6

SHA256
0db5ca897d456134dcbcac638653a807c2506614772e835a41a891fe269a9744

SHA512
f78e8308e421a8bfa57e62ab4b3d1be9065136b8953e71de1296eb970e7a5231623a1fd510997eb8632f74f37dc52330fa38d99adbd439dadbdca38fbe5256bf

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
c10be2dd834ac6fd7435767eff12a7ba

SHA1
db45b0861bbb2ce401955b1aae05117bf38751b3

SHA256
7b93c6d2575b9e6760d87b7b93a83f5ea8896821c0e30dceacc915fe45b165f6

SHA512
df45f143b924eef3381820cee279dcdb56827b8df403a0ed6d30b585651b02c4f90fb9bacf210ce1d09a43fdb3251ac5fb389895a860ed1193c404f379d287b8

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
1ab42bb312c8c1b6adddcb2c34176a5c

SHA1
960cc9eca66a23d7c45faded55bd5584845d3c54

SHA256
ca7dba8c9f58ae814f2516ed333ca721d76bb1bea879b7c8bcb2560a85c894f5

SHA512
804ea7f4ee930501d72c7201f50e0bf8a2c955d5b2ed44d480cc2700e16cf1545168d659d8509d3727e52177adcf94c98f876ecdeaa0daa4a9904f954d6a32d7

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
1be42f5a6f5cd829a927f0c511315afe

SHA1
6cbd79db26a0fcfafe00c3ef11e9ed332a50ad40

SHA256
9e82ac257b96bb97d75aca9dd75acbb0549ea7721eeb195c007367f8e518381e

SHA512
d35bc06c4b2b4e2bfb0528f6df5de4bf3c2c87c7ff762e20f7b56326528c41c4bb7f4dbb15ebcec09f637cf7c04ca0010e25e435f335e8b1e1c642bde93b448d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
09641452c8534371ba07c6e20180b908

SHA1
7a67d6eee52bf65b62e6b67c2e70f77aa3bfaf30

SHA256
5385ee8a3487c65fdc7ea6a463b0cad40d30432336e3e3bdec396cdd9eacd347

SHA512
0fedbb795a1d5db832310d3563ab534543229603614d7cbd5912d3607cd09da53e0b1193db72af4fa0cf3d72c44922ba1e19b6c1eec4b6bdaabf9f1cae7ba696

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
da55fa6d0020c75efa829fe19712565e

SHA1
70b2928da1595efb8c87105219cd8ed297d4b4fc

SHA256
d5ea8603138f293b878534ce3926f17f6b1e9bde5d72fb6335ecfc6d32527749

SHA512
64ca79163965ebf822cb2f25166264d861e363c61ae755dedfa109aebea747843c26b0d2949f2a17277392bda07f3e25b088b2474289fa939f20facb6f229d75

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
edf43e017dd3237ad1413e32b561a3a9

SHA1
909797a1e79bae362ae96e53c46cf4fa19e6b063

SHA256
c1fd2baec61517ccfc426c8a0c1b0b2dd8c40f786b246d308a89968d7816ee08

SHA512
90a12de246428bc128368c0946a98f3d43955a06abb9f6c6b6ed8b76c2afe74f596797a104f63345cfe042a3ef9e57a2a4739dd10b0b948abc899a77b5b9af5d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
9809c5c61d7cb568a3533f6ec67dcee9

SHA1
7f19847d450d1ac47b02b2045837718153eb3ac3

SHA256
fd0bfdd94956babb6f361ce5b1164e6abd56f5ab7e2ff5d22a92412bf1842b29

SHA512
020ac9149fc6b5b5b6bfaaba9bc4cc49549732e5884f3c8efe58a62b2ee62739fb8e1bee3995f0853773af8e43a0cb18819e78b272f321dd3ff915bbbb70b8eb

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
d23d5dd65899a742a3f01dbd4966a1fd

SHA1
7d112cfb52923d3fb373d863721e0046b4e22522

SHA256
402afb9742612a1924ac163c6e5d30937c0b32a70bfcb10f6c82159195b5f333

SHA512
f7670bee8cb2edc1b5359e9bcf7e27ff19e79160cbb41e234f0507e2d169af36f6c00a1050224568fddd6ff83ed2db02fd8a2fc02a8d32565df1de52f3874e0e

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
0de15fd6d7fc68aa50720deb9e3a9f20

SHA1
b05dba60c56e33183f4871a4f84b236b12179a74

SHA256
2504772a737cbfb68d70089440e1b21dd6670ad04b3bb04155372024c077fe59

SHA512
21a458bacc7d53a4ddcc93259cfe4cdb5ea3677eb807dc2e16dfb7d50aced232fa2bdc218a789c9f60fff8b3275f24514f04fb51e8ef117f27b4ea64a48a5994

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
d443b85dbd95aa41b815df8cbf29cdc2

SHA1
7490b6ca9605dbe8fcfdf741f59ef73edbbdec4a

SHA256
6d7b1d5f1b5602d63f351370498cd299a52b53f8e2240d76b8ff887e4d0d9cb7

SHA512
48768bb9ce0a1271e1513227c4f83f13615f0040c2d0e02d7b4105d22cfa79784d000458679e34f082f27e9084c15573ca6a2b8038257d8fcf4b6747e6a2d169

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
d24a226c929165b8d4ac4a8f42db63ad

SHA1
6bc5285ec209919996333bc804df11e998be0d54

SHA256
ac3a36f36b3d1beb2d3ef0fe40416896211c932f615b6e83400ceeabfbdc7cf1

SHA512
21effaefccb4d3842cc3eea6b1fe1de639f03d848c821d4761766b705890cdaca85947ebae066125a597169c5a5d8cc561ae370a11d5f47847cee7b4457accb6

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
136797d08a8608dc552377bf93edd945

SHA1
e79008b95a3ec81f257c427083d1da3c7b3ce7cc

SHA256
c6d7b8fad769d04fc5ec9713191c34f3aa98257919b8be2a97373723076ae506

SHA512
e58a7cda7057959dccec7aa450d718397f9e08f05f1c060893273737545b48b868039fe4cea89a5b7bab05fc0782fb65c29ec99bcbad35e25cce387068ba6ae5

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
5f48366b5581ecd3579745783e6c35c5

SHA1
cf3d23f7f855e5f5ed1731fa86c75b49677dc854

SHA256
f039b7c0d0035afcb7aaa652d0676f65a9bd4a7af10e2d5de1fa1b0a9db49cc5

SHA512
2077a6aa59c17e2e7a6ee34699c40ab7f927603ddae898bd5cc0cc8598e51bf0702ee7334a4dc7de6041329fd6b3fdfb3001874019e73bd0dab6577b4636c1e6

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
e575db6a00cdefb03ee23a0ab7705373

SHA1
53bdd8bb9d2d56d0609fae9a8839929879c6f8b3

SHA256
f9e3d0db46082610b9cea165f5c6a233a9e5660db278f9a9beb551818da80126

SHA512
d58904dfa561d08e32972f7b4db124ff587251fe2ebb4bea276cf8c0a46e696ef5ac510865c81e23d3e37f4b625e18262e97e9f44274e88fdd82c0d1a8941d69

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
f6954d8fe28ac434d1929c4b945cb6cc

SHA1
5d9fcfe5819fac9f0dbc96bada56ee115bbe4734

SHA256
7444b22c6b728065d26dad8d7a24fcee639806a33c193a774d6ec9f6f89a7597

SHA512
1f4904a2d54b40d949754249053481703a6752e6ad7a9406976ae7e9d908a406d4abea76e47cfabdd49a26acd41fa77d83ea2c3c293c605f402fa9be839b8bbf

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
590da9805e942e328ee4863420060da3

SHA1
583a1e3dd5fb38598df27bd950d8620214afa75d

SHA256
4e5d246e4884af5872823d1d9e7fab6cd415808ffce9abe1bdf2283258e2f327

SHA512
41094a5849cad0fdc9ea990721bc67183a65aa4688fd5678458bc187b2922c2a67a18d21c783f66f98f5532fb8b797d73553dde7458eab348c488239da466f19

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
760caf429412f9b48528382f84c44c47

SHA1
383f245a4e4fece5984ce73c9796510b6f905912

SHA256
a00d826fb9d700befa71615eb1c727417991fbb81fc2bc34732d92aec5212a2e

SHA512
8d6aedd8adf99c89c0e83a94d59c042ae64fe844e7b5b9d8f277b659ab30c080f9df8d8b36e318bd57233ee77a470b60d31eb2262cdcd296360fa17fb8aa6eea

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
d6cfab397ae903c68d30d61d2a4e50a8

SHA1
e8c61538dd7d147bab72bf751b20d885075cb7d1

SHA256
663e904c77a80db729e578b7adb2e8cc7ebfe68d07a76ca82ac9ae8f0ba4d016

SHA512
3c23d8a8b64344e3d697cbce92b9c04e2f09ec353d178be32d90cd88282321824f55c8f05ff2f695f189a8e0abf609fde23c4a3f1ce07811fc1fe9440ce47383

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
3c314f812a7c8b97530393159a1186be

SHA1
f549ce5631801c0faea6169d59c0517096424f16

SHA256
75dac86fc58449b06b2e7a5b2b6a673c9a3adcfd0b8cf805c6e25861a1486eae

SHA512
15f8b28faa459b8a5e5c11a395051d17d1500554b593d7e9b620b563e12a7dbb2c282d6e912de765b8a50e1c936327ea3386c486b83a00f1c209b76d430a0385

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
1196324afcc39936c3aba0072abc0685

SHA1
9c07f66dd4ff557609522f1e9f9ebe52c3cf4d3c

SHA256
78e77e7cfc5a056ea6f8fa21bfea4f93b00dd8d46a64c3ed45051210de725bc3

SHA512
38fb99578827d01fa8221610357ae07d92366f9fdd7dfe26ff5f022571fe84207c87f53c42622ac63843164c47d52574749e3ce3414a4a7015121a50036dc608

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
432c5110c9d375ebb9380bafb9fb4021

SHA1
ad41fc08669bb70108bf93d548b79af86139f79c

SHA256
e6c87df41ccfc90e87df4b2592c1da55c52931cf2c8de6bc18165503a13d94ce

SHA512
2669515d84a66ee7c060a8a3f777892403980bae2173368a0b0563dc825ac3c9e3fb66dcaefaa7285f89162bdb7194945606d2f2bb528e0000744846e6334c03

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
3c4d78798e3572821460183dd4e533ac

SHA1
31c904ea6c679ccc2c6260fa13b77a874f5ccbd9

SHA256
acbe22c8127fe5a16037b7c87aad3223092c10b7b12c3222abf629342d2df293

SHA512
1fc808631bbf02e55b129e43ae89fc616b4135f171c462b49dd86e1e8e1de33acd7394c7175475d625f13b798586b9aaed6e442af36790e0ecf671393b492904

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
d8d2afffa8a760fb1f1339e76d9faf67

SHA1
e303ed598ef7f1339cd6ed333dc42eaab70c167d

SHA256
9068857c513650333e4c833fc60ada6b6e0c5fcf567f1c63ef6c8dd76139a602

SHA512
14218353c7bbc6a91194771e9d93ddfe1ac9f93b486674dad7a5bd7ba1ae753cc80dea1f28b7570b53a6c74b6906d36c413df94a0c600701cbbb91614ddbc6a8

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
44c3b3e524cdba14be3835b358d0f162

SHA1
03b884330fdf76f41923dda63d605055219e9b8e

SHA256
5d5c7630ec59d4e10ddbae5f5883574e43ff2b2954b934b623d23694f7cecb10

SHA512
aee9a6b6ec08c5d719662f1a534b3ed32cacc1b99b11d07a04c1de81ee3ac4723f998820c67bc1047ebdac011e6dbd21456363170a4d1da526b61dd6c047a555

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
1562c6f2f7f0c7b241182e83ead4d558

SHA1
1d845ef3aef26e86e27037448522130dc8698e73

SHA256
431772f2367560566c3eeea931827d0f8761128cb443974f78cdcd444c247497

SHA512
d0c2895a08f9270185db8b8558cf10ab4b70ba3cb7ad1e0cbb7071297ce6e6040b692fc3705c3dce918ac6611764e005e42b06f0fddb5fceebcdf37942e6594e

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
62e5f197694de06e70a7dc048523f7cc

SHA1
3413d334bcf65b26e2a84250c68d1a280b658ff4

SHA256
ed1f32aedea8fc57eb8663f1322b698aca42dc466036ddc1ccd696336511b350

SHA512
591aa1c4e97bb7268493b6a20f9d539faf1ba9ef9680cc511eac07c733002a2d1271d8c70d412242ca6a56337c20bbd46c9875f2245e582a0de845188cadce86

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
a4a184a93bc7e92ed304859209f7685e

SHA1
70abd8bfa4d450f7f6e57d1b741c74a23a92b438

SHA256
007f8e22639b91cacaa832a497e7d7436ae7f45e1794665a565a1f91aa83c0ab

SHA512
ca2899f1d14b84a3c9c5fa2ed416733a495ef3f9961072c40ae910676ba6f702f35f2f5dc441589f21ef909d54d4250923d9968e324750f1c6325fdd97f0b29d

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
b59d59676d88831fcfbadffcc62da052

SHA1
af2af9c3d5af81051be29e12aee18030fbbaf1af

SHA256
30c1ede3f93a61de3ec1a754a00621350a4fec198232e6cdff3d6d3f2e9306c1

SHA512
cc7a6ca93cbb8bccd3f9c9e9a06ce55f77c72f3ab721b61228703ed233c65235976a7626c5e4631a10899884a412ce0782a4ed054154862a550d35f2d8a5cc37

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
58cd375f4b51502ffacc238ee1d1ecfd

SHA1
ccd40268fb02b0783fbbbe85349442f767075e69

SHA256
61327b6679ec3d33706ae66107cf1788703d9293f878f7f27e01e80f1c8d1f24

SHA512
0242e265364ad0cddb83c5c38386a7e4060d2fce65dd64fdd10d648c302f533d99364dc6a1e0d3161e9aabf126a56bbb5ea093bfcb775ae918b803e3b88657ae

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

Filesize
5KB

MD5
16ded02d46ac9f406415556dd4fb9d80

SHA1
b716c4098d2de1ea80d4123f7c1cab6731a6d1f8

SHA256
e9459e34512611e2aac4b1e9807a8bb5e449d5d4adb9e0b841196fd5c13ad19d

SHA512
3299a5ada693d4e2c07017cd9ed542e4d9d27bd383ea4b4624d4cc9824cd3318823556f3afdc39f5530888363e33021c24bbf2443da0b87cf837069ed34e6240

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe5c9fc2.TMP

Filesize
4KB

MD5
081be617b84a30842b1804b26d876304

SHA1
24e7ffe12bfcda86ede008f49fbf1e67eff5eef8

SHA256
9af7f6c12077eb17766a4181de44533ddb832b71ad78a5db7d9e77e9dd1c0a5c

SHA512
b23eb5ceba13e84957a09246cc4f795e24b989543491e973193a86d1fe0253e62304fa5d8fd5f7b1d96b99bf5e8d009f7d74fce5d456a014ed6dab0e4daa65e3

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5

Filesize
16B

MD5
03e9f614a008075733c76883156b568b

SHA1
5f9cb1b06928487c4b836e9dedc688e8a9650b0b

SHA256
b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416

SHA512
7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State

Filesize
2KB

MD5
28b9d05b6ff94d471e09b7cb3b0ca285

SHA1
12ed2f4f0865e9703a785c55c79e2bf5c60b5380

SHA256
1e7d66d43b638c370bafecf96cb736900b519eafd185141da09b9fe7a4acd045

SHA512
c72d6edbe04c4872af019f733ab41f1b393cd995a08cf50029ca38042e0b08c89d5c72aa21635fb5c31dffcc2a04a5d0354f436b86694b6bb450256e3004551b

Download Submit
C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State~RFe5c76ed.TMP

Filesize
922B

MD5
7f7c79018ed2b89f85b5f2a949b513a2

SHA1
848611084b43f0bf743561d1fca333caaf7a24be

SHA256
fc321334a49832446ccb33673849c1a77ec94c268fb48bf7863b6c14dd1a2cd6

SHA512
85f97eb7ae1ffef92c1a9782189ce014b0f602a7b1f4722806b1f741f6057be0f4f37f2fde5ecf55d53f1489461b579b76d2d21e40bc1a4148d5104f3d2ac4dc

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
45bf425933989da1ef32af478c94bf74

SHA1
87fec13e2eb5e03dbcb50c69fd1c52f5faa6e22c

SHA256
cc9abc81695ef348d858e4af0d40ebbd2e2308ea3c45fdf6fca72052f8730fdc

SHA512
ac4ce19870cf82be9076e9a197b0811ef67de6d1288cec468ecfb29b99e4a37fd76a8ded89351065b98a598f43215d983d62d1efe2717fa7a44120a093d28fa9

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
16KB

MD5
4b97f8e34b596fcde5af2e86bcf5de02

SHA1
57c7a13833505f8a334b98b8c247bee8f45cd81d

SHA256
b64ad8a1162bde14e685eadaf2c49195d898bb731e8038f293aa0a819f1c7c53

SHA512
572167aa1ad3cc554bbf74f648a481772f37300e0d7dd97487e7b46e015a25e5881e7272358f7fbab08afd78bace5629d9cd3ef9e7f828769b19cd5ccef9e9d6

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
13KB

MD5
f0d884b6293779cf60942d6b50eba88b

SHA1
01027b80e055ac4440f4954c9dadb7f1e1984120

SHA256
e518121c84a79956c3b0091d395a192d242205d6f020db9387581a12500d5f64

SHA512
570db2ac4c2fd294791af07eb2acb1e533daf15ca2f2d56dc588adbf2c7efa3c3c0a39e0c37a3dba9917997c3e106ad832cd2d52f5d18531310bd3d7c3073053

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
14KB

MD5
933a735de15524f04111b7d0325bb696

SHA1
785bb683215dbc83803e0a7d262df5e2e4378c75

SHA256
9f68e19f83bdb54c0fd47d88b49dbf4730b7244172b073744db977848ef82cc0

SHA512
fd0213633abb650096cfaf8bd49556bc728fcd943fd6d423f91baf849219f1603f21abf82e2d35caa44a09c206b7fdd55b5dcb037bee9db1386d864081b35fe3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
11KB

MD5
92902d5f493778cd35ab1da3eb496ee7

SHA1
07cb15c0dd28e39a48ca817527f144605a53eeba

SHA256
c8055e94029d83e462244db75406806d20af18922af7b480ce46cf6f289c411e

SHA512
d531ce8bd0599e7cca11ce356f7aab543ac7ab161f2e37beee9a72eb4b5883b4da8431e2c1064a0a4117206139ce4ae29650d49c5df09ba9b7129cd0b63b90db

Download Submit
C:\Users\Admin\Downloads\MEMZ.exe

Filesize
16KB

MD5
1d5ad9c8d3fee874d0feb8bfac220a11

SHA1
ca6d3f7e6c784155f664a9179ca64e4034df9595

SHA256
3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff

SHA512
c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

Download Submit
C:\Users\Admin\Downloads\Setup.exe

Filesize
117KB

MD5
b1d1fa855ca77fa2c48d1e2d0d04074d

SHA1
0202fe3434f10b68e6feb990b95f16aeffdad80b

SHA256
e5b0db3f80169c0f784b3a25e2df8e4dfea7871852c49582dfd6496221928282

SHA512
d75d9cd018edb250a5aa135dde9d257c78d5bee5a7cb8894c5a78f0d3a1671d3b8cd3c8f7cd6fbafc11ad538da3013bbb351093893eba23e1edf834141a84184

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 880647.crdownload

Filesize
5.1MB

MD5
c8246dc58903007ccf749a8ad70f5587

SHA1
0b8b0ec823c7ca36bf821b75e2b92d16868da05e

SHA256
347e7d26f98de9ac2e998739d695028fa761c3f035dbe5890731e30e53a955b3

SHA512
02f5ee6fa5365498ea537f931bab82e3d95178cb8ca42a108030649283290520c27490557a2b642649533b935503ad240acedab005bcbf3dd7691f5671caf975

Download Submit
C:\Users\Admin\Downloads\b8efb803-b3a8-41c5-a3bf-aad747e6a900.tmp

Filesize
1.1MB

MD5
dba533edfe91246318f3baa8e2efa47a

SHA1
63e0789a8169ee6f1f58e0562feb41aad9d24591

SHA256
5a31e3fe32f6c77525512f701a4b321432050b99d2772b6556efb361fa28c71e

SHA512
26639c83fbc575c0438857117c97f21bb58b0066789878b405cf2ab1eb1da410ab9e595cc84cc41a4d95fd0cafb2874e7696cdb69f7c8ee565e982715babe7df

Download Submit
C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info

Filesize
1.0MB

MD5
82d7ab0ff6c34db264fd6778818f42b1

SHA1
eb508bd01721ba67f7daad55ba8e7acdb0a096eb

SHA256
e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db

SHA512
176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a

Download Submit