7e93cb8c9674c1eb06cb3a2cadd1f2f23a30f07991ef88c742e125ee4b24cfbd

Analysis

max time kernel
234s
max time network
205s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2024, 09:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

plants-vs.zombies-hard-mode-mod.zip
Size

136.9MB
MD5

a77a120e50930f296b70ceb84fd4eef3
SHA1

1794a9b7b4e109124229d2aa4b27aa5ccd418308
SHA256

7e93cb8c9674c1eb06cb3a2cadd1f2f23a30f07991ef88c742e125ee4b24cfbd
SHA512

2968ab3b153a948b738078c9b63a48ebed5fed51f9d2ac734a2375224b4d4353e90eb7ee7f9f1a0d76029034976c1b47f39ac19a92411505020b61fbdeeb708f
SSDEEP

3145728:FqrDaPTFP4n8S3jHL1rZuVbA9CLg+LauMP2znvngKSThkR:FACpP4T3jrJUmCZLpvngK+hkR

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Crashpad\metadata	setup.exe
File opened for modification	C:\Program Files\Crashpad\settings.dat	setup.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	PlantsVsZombies(95)bgm.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133724224287303792"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
2848	chrome.exe
2848	chrome.exe
8028	chrome.exe
8028	chrome.exe
8028	chrome.exe
8028	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4196	PlantsVsZombies(95)bgm.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 58 IoCs

pid	Process
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: 33	6068	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	6068	AUDIODG.EXE
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe
Token: SeShutdownPrivilege	2848	chrome.exe
Token: SeCreatePagefilePrivilege	2848	chrome.exe

Suspicious use of FindShellTrayWindow 57 IoCs

pid	Process
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe

Suspicious use of SendNotifyMessage 30 IoCs

pid	Process
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe
2848	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2848 wrote to memory of 244	2848	chrome.exe	89
PID 2848 wrote to memory of 244	2848	chrome.exe	89
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 512	2848	chrome.exe	90
PID 2848 wrote to memory of 3392	2848	chrome.exe	91
PID 2848 wrote to memory of 3392	2848	chrome.exe	91
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92
PID 2848 wrote to memory of 3676	2848	chrome.exe	92

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\plants-vs.zombies-hard-mode-mod.zip
1⤵
PID:3056

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff94547cc40,0x7ff94547cc4c,0x7ff94547cc58
  2⤵
  PID:244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1848,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1844 /prefetch:2
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2168 /prefetch:3
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2284,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2448 /prefetch:8
  2⤵
  PID:3676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3308,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3336 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3676,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3684 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4644,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4660 /prefetch:8
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4484,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4500 /prefetch:8
  2⤵
  PID:4220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4920,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4796 /prefetch:8
  2⤵
  PID:4448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4648,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5076 /prefetch:8
  2⤵
  PID:1376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4676,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4928 /prefetch:8
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5060,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:4076
- C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  - Drops file in Program Files directory
  PID:4284
- - C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x284,0x288,0x28c,0x264,0x290,0x7ff685294698,0x7ff6852946a4,0x7ff6852946b0
    3⤵
    - Drops file in Program Files directory
    PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4768,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3232,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5304,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4888,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:2152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3492,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:3688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5492,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5504 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5500,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=3472,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5772 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5952,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5920 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6096,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6100,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6196 /prefetch:1
  2⤵
  PID:1396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6384,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6368 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6240,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6256 /prefetch:1
  2⤵
  PID:2616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6664,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6732 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6720,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6352 /prefetch:1
  2⤵
  PID:5316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6988,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6992 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=6740,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=6876 /prefetch:8
  2⤵
  PID:5972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6760,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7244 /prefetch:1
  2⤵
  PID:5984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7280,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7404 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7584,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7532 /prefetch:1
  2⤵
  PID:5156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7728,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7744 /prefetch:1
  2⤵
  PID:5184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7700,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=7860 /prefetch:1
  2⤵
  PID:5216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7628,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8012 /prefetch:1
  2⤵
  PID:5524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8008,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8152 /prefetch:1
  2⤵
  PID:5560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8288,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8332 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7880,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:5332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8620,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8596 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8604,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8736 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=8868,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8852 /prefetch:1
  2⤵
  PID:5936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8992,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8480 /prefetch:1
  2⤵
  PID:5868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9144,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9164 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9308,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9324 /prefetch:1
  2⤵
  PID:6308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9432,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9448 /prefetch:1
  2⤵
  PID:6316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8752,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9588 /prefetch:1
  2⤵
  PID:6464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9732,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9724 /prefetch:1
  2⤵
  PID:6540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8452,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9740 /prefetch:1
  2⤵
  PID:6596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10020,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10028 /prefetch:1
  2⤵
  PID:6648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10216,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10168 /prefetch:1
  2⤵
  PID:6724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10324,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10320 /prefetch:1
  2⤵
  PID:6776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=10348,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10464 /prefetch:1
  2⤵
  PID:6832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=10604,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10456 /prefetch:1
  2⤵
  PID:6996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=10608,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10768 /prefetch:1
  2⤵
  PID:7016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=10788,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10912 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=11108,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10940 /prefetch:1
  2⤵
  PID:6172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11232,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11100 /prefetch:1
  2⤵
  PID:6280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6824,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11364 /prefetch:1
  2⤵
  PID:6444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=11496,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11704 /prefetch:1
  2⤵
  PID:6480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9296,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11816 /prefetch:1
  2⤵
  PID:6528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=11940,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11352 /prefetch:1
  2⤵
  PID:6536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=12264,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=12144 /prefetch:1
  2⤵
  PID:7172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8448,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8464 /prefetch:1
  2⤵
  PID:7708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=11064,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11540 /prefetch:8
  2⤵
  PID:7964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=11200,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8924 /prefetch:1
  2⤵
  PID:8040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4876,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11112 /prefetch:8
  2⤵
  PID:8056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=8728,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8820 /prefetch:1
  2⤵
  PID:8064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=9332,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=9640 /prefetch:8
  2⤵
  PID:8108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11008,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11724 /prefetch:8
  2⤵
  PID:8164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11796,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11576 /prefetch:8
  2⤵
  PID:8180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=7612,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=10212 /prefetch:1
  2⤵
  PID:7428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=8276,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8208 /prefetch:1
  2⤵
  PID:5804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=11668,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=11664 /prefetch:1
  2⤵
  PID:7124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=11096,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8720 /prefetch:8
  2⤵
  PID:7560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=7988,i,13897522627742719062,17906438272835540353,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=8940 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:8028

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4108

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:728

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x520 0x4fc
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6068

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:7716

C:\Users\Admin\Downloads\plants-vs.zombies-hard-mode-mod\Plants vs. Zombies Hard Mode mod\PlantsVsZombies(95)bgm.exe
"C:\Users\Admin\Downloads\plants-vs.zombies-hard-mode-mod\Plants vs. Zombies Hard Mode mod\PlantsVsZombies(95)bgm.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
PID:4196

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
029a2d6260f1ba6a772a3532cc98109f

SHA1
2711d9fd6ab0ae001eecce99259725ac06671b04

SHA256
39c2b20bcc5735f2c90a4fa95d744c7453365a30bb302e55fda1a9962b64191a

SHA512
994771ae17d3ee9fbf540b8efc9b4eb3c969ed75fc019dd0368deba11de2bfd86e15e5b6efb035fa8a0474eb0b3006da325dfa6bbb1b6faef7b86c6c57901646

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e

Filesize
79KB

MD5
ead1ebfb4d104ec1d43912578f9c3289

SHA1
4ddf1a658a2654573ed6630155b03dc3a2b5322d

SHA256
2877370b23b9c1aec2ad743865b5ec1ef16666f251b9a87e82dde35be6037983

SHA512
d694ab9520f71aa95478cdb13ddafc1954b0fecd9551c6da1a9fcbf6b83ca916d28bb8c754a2e78c4fb131ec8a79e42e480b37ff3a364f03e526ee1208592c80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
93KB

MD5
4c195f834b184c82e0a1716dfa66b233

SHA1
5e07cd0418f0dde81c2b015902491da83a2c9202

SHA256
352a568a6232f20bdd85c34ceb20e3aa36876813cc4345f4b56f351edbee8b67

SHA512
0e31066e0c06dfa2eab2cade9ea4be6b2d161c6690f5e5cb6bfcd6d0ef7d4be695a74b615a93cfe4d6f309eeb53aa9705ad84be0cd32d35d3522d0900c0f717c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000081

Filesize
213KB

MD5
f942900ff0a10f251d338c612c456948

SHA1
4a283d3c8f3dc491e43c430d97c3489ee7a3d320

SHA256
38b76a54655aff71271a9ad376ac17f20187abd581bf5aced69ccde0fe6e2fd6

SHA512
9b393ce73598ed1997d28ceeddb23491a4d986c337984878ebb0ae06019e30ea77448d375d3d6563c774856d6bc98ee3ca0e0ba88ea5769a451a5e814f6ddb41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
0523a49519cfa96a6903eaf89b439602

SHA1
34f3f8b404c042219bcfaf16ce7f2913add599e1

SHA256
ccb2b27423c591ecfad9578e4076fd6a98b31a8f3b9256f7e999df999897a12a

SHA512
e5bfb0a396f7c084daf729abff83a203d72f0f4915e4f09d4ecea7b6f31280a5fdf28049a07f618c4b864383852ab51f0e7137b0ea87e9be5dd3e783ec8c44cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
8c4a3f149676cc965539087074b04ae8

SHA1
2ef4ef9c8df0ff2de3fbdf7875d2c09abc124f10

SHA256
b8b3ad80f8c108a6cbbd4379e35ece766cbb5d85aee47763c9291641075cfee5

SHA512
33b54fb8d2527de01c86d782cdc39d9cd9058c74e3f16fa7d6809b20df7d343c0e9bf971bcda2b51340a29dc8ac098a5c9c4699f7aed6483fb44ac60d3d6a2db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
3ad989d943b3ed09e066d2d3adfd055b

SHA1
02b11325ffc47b2e619b057a9329d374dc120703

SHA256
055faa9ee7cb6ae6b63d6b8646f0ccff73b1ca9932b08fc605f6a7c971b600f3

SHA512
8fc33f12b5e5aee87514085e909b57517222d8bc5b386fce565ebbdc9c7f318f2c1a56785c6462ccf49b945e2d91ae40571bd504fabae89469e73dc56a83db08

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
42KB

MD5
49b71b2dde251a0e67097752f69587dd

SHA1
86f208997274ca00f70ffed6da3d2706b424f5cd

SHA256
146186ceb5afdb873e1ee23d7e1f30564d49a06282e3ca11c57cc1540fc08b7a

SHA512
60e0c4fc20e17f3b31a0124bf45750a93cfa11161b52bf0272dc66f01696e4ded3ade3a647b2cb0ada4c30a1c0eda4238d637af1618a07d6be14915cf1765587

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
39KB

MD5
615194daf192ee8eb64ec463689b6421

SHA1
91c8ee0c84d9cad67d76e516cbf7810ba3f2b14a

SHA256
71618197d4bfd778f57c8460c456f312d21a773f1cb3a9c8faedb9adcd4b0978

SHA512
36413120f2faaff9e209d31d43c47ad67398f5d6e76d4b295c30469e2b2d2e7e48b3636083dd66cf570d0c486b332ef608fa48842bf919d174fb2d798d19b557

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
60ff2daf6a971d216d150de1f81f9ffe

SHA1
cb98cb001f021c76dc0b5fcee866349c48119f1d

SHA256
f7cedb93ff5e98401e318b69409278c25c329d1ff172c1a9bad1972efe1e9707

SHA512
25706dfd7d40faabcf938affeacd4cddc5ea2574f3317ca8d92b7fa337ca6868074c99bf556d9a9f7878ba4f6053c61ba7380f99833bee95f27b7c0100cd4ba5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
4f2bb8840256366fb5b128a55db7ac17

SHA1
52973f0120c1c8ff9d9ea3dc1170b5e6176e85ba

SHA256
ccd70bb11828105c7d94feeb7a339871ac94442a5e5672587fa7ca7d06d93b88

SHA512
fa7fbf2420bd0ac187c6b0b8cc9de6e31fa0b30cc3e79e886a40de8552a2fc1bf27bec6e5643df167eac7446782957281458a753e10707d7501cc44ec342581f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
cd283768f90505b2c75236664634c6c4

SHA1
687f1319a5d31d87284fea9ce10a638d419eb21c

SHA256
d3979ef450a5fef8b4f4c06d24c65c80411cfcd3fac55a95f1d46edd9972ee8d

SHA512
4256ab4e3bd734a11a07e7c71bd582102cbce8548c89e2dd7001b74e0499aea1236712fee3742e8b014bd935ffd829e31ea9a78159a6633d05d390059374af25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
f02d823ea0ceda12d8716901d5a867f3

SHA1
90165af3685957dbb6ebd471fa3cbd491f3d7402

SHA256
84e5be88185488f58c8dbb923d1ec5d5271d6077f126afc0be9b9ad8811362d3

SHA512
5d12da0ecb1803725df49a6681baac8ad3639088b05bc58714e9e3e7500f69b7ad94c9c56efe06cc74ae99549e63ac62e8656edb381a4759b2aa50c8c7b639d5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
e2a312eab943bd2075f2f1652cf53ebb

SHA1
4ffeb6a227907a23508571e3606b0eecb6579d9d

SHA256
e7796f9bf7539eb2b0c38eb245006e608006ae6bdf11cbfb737fc284db0adc89

SHA512
dd536acd95cb85fc12b542795dc554caa163f4084c2f8f86f31e669306fd95391786837c515a4d837573e1893a341bd2332cfffdf0c32eb5c888c74679cc450b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
23a0ce970b9f3ceb7f6a76c95dee85af

SHA1
39746f46b6a8067702ed3bc0cd11135fda646ddf

SHA256
10fdbb002ef68b7f177f13f0a2cb2c0994507acb00ffebba71fda78f99cfe584

SHA512
5d5d5ef64a72b78f70d196490a2599ee6d8ae564a6b4788516b59d66863dad3b090aa921f513452fddaebb91a4ab316b71b667cb076cec438276b6c46cf23266

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
622f786da42fb9faca922b826d5349a0

SHA1
bca2367dc60fd46a9c31d3481c9cb0cb33c28fb5

SHA256
c456a7bb6037d35dfc01a4e339ad291312846135be71e614481b80eee0551259

SHA512
496207678d8109bc6bec3a3d89e8b18bfd460dccb2e779ca4e749c80cbeb73888957c45c5ec6d53bfa2e05613b6cd3ec83c26064fe559fa3e167aca66ce10fda

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1b909c4ad94f0c8c993b8b9ffcf2168a

SHA1
af96a2e470060d453db93ab5ea7857c7bcdf3743

SHA256
c5e482643c8beff90ca95aeed875ee6ffb014b8c84826696203dfce08271cea6

SHA512
5b4430f13bcc8e38c4c6e1425424d7e81746ef28015c601c93827a3e11d3720e5401f4f8e32bf6cf035f5774df0a5a0018b1c8645fd6ba1a086523764eccc7d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a0e87e382c1125e36649bd1ea81fbaef

SHA1
4e725f51ed416c82e4d65833df3ff7847f00b3eb

SHA256
4d0d27682c6bf9619d997ba8a87302877b9ea1283628fc415c202a257f44a516

SHA512
0d6b5ea7518e6d0afee2a4b59c545fd2c59ab79daa953ef87d25c1efea75de873fc31662b354d2d27067f820ea111299b81cfe44defe0479933c2cd5ec4524f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d0c27718d185a7524281fdb13a847414

SHA1
975737fd5412f946207e9341e106e039e8f66bca

SHA256
d26b7e6d6d84bf0b3e17e22499fb21f2ff808e0339b17594c471d684713f3b7b

SHA512
fd37cd88fce97e035a02d26b0bc8741baf1cd883861cf5c13c4225cc4b8d183c8e4b1b0ce94dd66498781f3c4963b3bff36adde064374820f621ed513b44247e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f6a48f908c5e43e762755d80745eac9e

SHA1
8e7edfbb4cde6c15b1418da9cc1108b29feab0e2

SHA256
d2c7b0da8a4d2450ca186000ae60a458bfbf79311534e81b12e2b91dcb5a2185

SHA512
51161c4801ef1af3edf91637b3fc85175d7334e247de79b7aa9e1e4ecd988097414ffffe43ec65dc621fd4eb23c179f799f2b21e65e4df5f8bf9084fc710088b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
31d1d48e463b81b42bd70cec4fff7c19

SHA1
c195f45667b25fb2b81aaaf0ef5ba485140dd330

SHA256
e629b8a0e35ac3e3af190f3e2a8922e89734fd252187a630479781148e302208

SHA512
c520b85bc85085e88e0d2f838b086839dfe0b38d00b67caf0dd29d237dacd4a849376ad30e3a5436b316138d90ffa3100ce86deb2c2bc77222f783464d7b2339

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b354e9084c734ccf9872b5d4f45bb057

SHA1
558f352b082ecd679b07ab7108353e0065ae9ff5

SHA256
3a3b9b8e2bec441227dc64cc1e636a68cf7f447a75c34def6aba3f9b6822c29b

SHA512
e23aa0cdf86e3075e88fe80792f4cb053840e1891d6f1f1be4291b7e46a938aacd3e5ec77c0537199d4dd8f50598b56eedd4ae72d491ecfb5c98da4ad6dcbbb8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0de1b1adea7214184acfabc8fb7c1980

SHA1
bfbd05b6c7405db43c8132a53da4958eec001899

SHA256
ecd29e71f20717ad3948320f86158b98e509379647909c2c6c13a2848e240761

SHA512
41b70e8a641f58e56cf22bd52c367d8e4dfb3c09dfd6e086753bd629fc0ca77f561579d3564e446116a496b2b9c057d07804e97df0d44b589190bd9134a5119a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
fb99cd3d6b34835226426b52344a3986

SHA1
b0817d64be03f2c6fbf7a5c2ebdc1c3eeeddc96b

SHA256
75021fc8e0ddb308433dde41f1cc3a4ac7ad0a3af19f5d50e3b48a558091b634

SHA512
2b949b8a7481c8d260ec8aa899907ea236ea9ef44e8a9e1de643a1949e373fc32f13dd39ab261551ce772e82348fb719fa44339b2a5c3c59d2ad5aef29c613ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
6f5713a92833a42f6b701042bf25a4bd

SHA1
64f75ab2ae88773edccfb1ec34562e0108029611

SHA256
ad077259542c75cfa88bd62ac15013500f28a9d219cad3cf12e9b7f9741ad9ad

SHA512
757525f335e9724d45c6a5c6153b6e38e0e614c5b6da8ddbd37a727454b0887a07f37294324e3d59a6a98aede2d98b93b57cd1e8d6710ddbb58f694d4f9713e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
786fd10063fccae057fa273bae199022

SHA1
cb0a84e80c7751347c05cfc52c726d80c1c0102a

SHA256
d1becf97e1a947c7d10b507c614d064c6757a0663e8e55ff1fddb60e83f35569

SHA512
bb3ae827e512c431a495fd62b794b23ef0a72375ae169704dd6e30725875164429780d62ffa40d04156db76409d1a7b16c72e559eed2072ae849ddfa35fe29f1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
65da288e659ca40f1603a7582fb93402

SHA1
13ddec17776f450b258930effa5a86110ab8103b

SHA256
becf81b778866b9a37068484405ebc56a1992813b40a559df8f10d35aca3d037

SHA512
d78e9beb2a3994f5f3f3e74c810614fb5ac0336f76ac087635413a6df0dedbc54f42beb101e790b24f45d0fce0e6715d5adc639cae86882ec8adf2dc0816092a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
dbc478f97b65b12028ea7bbc1cd013ba

SHA1
24f4b21d293101a58b5617f450e64b8f59870a66

SHA256
2678141ff47e5161cb2fb1d29f2a9f6a9e19e9a3df74e5b245e3dec5b065e902

SHA512
0c57d7eab5575c55f72be1e4892354c6ce3ce23dec0025c50330ae55fec20cc45d050f169050559d9989129cf10e9134bb975440d4ff12fa78ef1bba525aa8b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
2524636f1814a20419aaa676290fbf8e

SHA1
00500a8d53c3d5335c3b92b7216440a181aa4975

SHA256
0bede39b7ff354980240fc990c4ef9f0075a78147d77cec80f87349d304f7cab

SHA512
6df9f9b394355f19d6048fbb3c073cafeff46f67f6399e66a688de6fa9da543aa0abaec63e4bb5a4bb184bfab2d23c3780f28a4b74975cef0a265a9c5fe03957

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
211KB

MD5
6a618407bfbb070e26abd5d2db44fbf2

SHA1
a00273129953580aea567f141a976cbeb04859a3

SHA256
32ba94de251bbcd318bac43f19371e0dc4573b1af324443a337db9547092118e

SHA512
0ad94440889109c7d6ade5d5ff668a1b26ffdc27ce7efeb60d3f6984910babec6f1f350e30af4d51cda421fb2504ee0e98f310001a69c4cd296c72f13a2e0e7e

Download Submit
memory/4196-1464-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1470-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1460-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1461-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1459-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1290-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1463-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1466-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1465-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1468-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1467-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1291-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1469-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1472-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1471-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1474-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1473-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1476-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1475-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download
memory/4196-1478-0x0000000010000000-0x0000000010041000-memory.dmp

Filesize
260KB

Download
memory/4196-1477-0x0000000006810000-0x0000000006982000-memory.dmp

Filesize
1.4MB

Download