83a5f942b2a15eab4826ef1709ec6a7f9637a7ec0fce16585776848797307fa4

Resubmissions

09-10-2024 18:24

241009-w19nqa1drp 6

09-10-2024 18:02

241009-wmxr1a1apn 10

Analysis

max time kernel
816s
max time network
818s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
09-10-2024 18:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

hvtrs8_-lculcjep (1).exe
Size

32.3MB
MD5

4f02ac057355b5dc73ea28aecd2d56b4
SHA1

32591cb75779a3e308a44e75a76f821e7dee11e0
SHA256

83a5f942b2a15eab4826ef1709ec6a7f9637a7ec0fce16585776848797307fa4
SHA512

9eb08f85559df6af9192bec8904097d4e43a832ba9e9cc1c7be1a366af8d103c3a6db3886f00927ae5eb62055fbc770c7b5a3d2a122a0b460b51136083015368
SSDEEP

393216:nbekuyo9nMK50UGRXLePuq2ZWy/c5zFviMKe2OHmwv9CsTmsueFFza9ye:6Zn/G4Gqk1cWe2iTVCMue3E

Score

4^/10

discovery

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	hvtrs8_-lculcjep (1).exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133729723855628518"	chrome.exe

Modifies registry class 37 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Key created	\Registry\User\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\NotificationData	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000ae42ef6eb118db01e0bcd9acb818db011f7820cd791adb0114000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2499603254-3415597248-1508446358-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
4972	chrome.exe
4972	chrome.exe
4980	chrome.exe
4980	chrome.exe
4980	chrome.exe
4980	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 26 IoCs

pid	Process
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2024	hvtrs8_-lculcjep (1).exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe
Token: SeCreatePagefilePrivilege	4972	chrome.exe
Token: SeShutdownPrivilege	4972	chrome.exe

Suspicious use of FindShellTrayWindow 28 IoCs

pid	Process
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe
4972	chrome.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3324	chrome.exe
2404	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4972 wrote to memory of 3620	4972	chrome.exe	83
PID 4972 wrote to memory of 3620	4972	chrome.exe	83
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 1004	4972	chrome.exe	84
PID 4972 wrote to memory of 868	4972	chrome.exe	85
PID 4972 wrote to memory of 868	4972	chrome.exe	85
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86
PID 4972 wrote to memory of 496	4972	chrome.exe	86

C:\Users\Admin\AppData\Local\Temp\hvtrs8_-lculcjep (1).exe
"C:\Users\Admin\AppData\Local\Temp\hvtrs8_-lculcjep (1).exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of AdjustPrivilegeToken
PID:2024

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff927eecc40,0x7ff927eecc4c,0x7ff927eecc58
  2⤵
  PID:3620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1636,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1620 /prefetch:2
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2044,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2140 /prefetch:3
  2⤵
  PID:868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2180,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2196 /prefetch:8
  2⤵
  PID:496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:1592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3544,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3076 /prefetch:1
  2⤵
  PID:4716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4636,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4628 /prefetch:8
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4756,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4764 /prefetch:8
  2⤵
  PID:124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4772,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:8
  2⤵
  PID:412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4572,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4564 /prefetch:8
  2⤵
  PID:3544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5132,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4536 /prefetch:8
  2⤵
  PID:2092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4872,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4408 /prefetch:8
  2⤵
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5232,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4972,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4980 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4288,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:2596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=4252,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4528,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:3556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5024,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5348 /prefetch:2
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4912,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4260 /prefetch:2
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6036,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5996 /prefetch:8
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6364,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6380 /prefetch:1
  2⤵
  PID:2524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6264,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6268 /prefetch:1
  2⤵
  PID:3780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6624,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6836,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6832 /prefetch:1
  2⤵
  PID:3960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6772,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6980 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6848,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:8
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6048,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6052 /prefetch:1
  2⤵
  PID:1680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7180,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7208 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5908,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5828 /prefetch:8
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4268,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5828 /prefetch:8
  2⤵
  PID:4060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5388,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6568 /prefetch:8
  2⤵
  PID:720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5392,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6532 /prefetch:8
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6560,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7344 /prefetch:8
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7220,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:2764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=5408,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5376 /prefetch:2
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=5308,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7196 /prefetch:1
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=6544,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7052 /prefetch:1
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=5512,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7276 /prefetch:1
  2⤵
  PID:3008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6612,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6984 /prefetch:1
  2⤵
  PID:1236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7256,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5680 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5216,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4952 /prefetch:8
  2⤵
  PID:2528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=5348,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4504 /prefetch:1
  2⤵
  PID:1076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5844,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5244 /prefetch:8
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=212,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3360 /prefetch:8
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3424,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3324 /prefetch:8
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5984,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4428 /prefetch:8
  2⤵
  PID:2908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7040,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3316 /prefetch:8
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3480,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3392 /prefetch:8
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3752,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3476 /prefetch:8
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5380,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6548 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:3324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4828,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6496,i,14606328927431267696,656787726072147538,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6564 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2404

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1580

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:248

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8df2eda1-0f65-4ba9-881f-f49a307178ae.tmp

Filesize
9KB

MD5
c109df6b6263559fccc41789c2ab838d

SHA1
57ce064597886ef1376af927f0de896f9a6e0f24

SHA256
002365c22d80130025251361567271a9874790ef5cdc92b01715c18cfc5d3e6f

SHA512
42ba822549414b85456cf23f8ab797014cfe9558a9ed8a06d11ce588c30e8907e57de4bb864db887a59f020cb5e6707cf9ee13b976c0543493bb19ec67f1a91c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
2c54d64cf138389601400ed1231fbf28

SHA1
5e69878a582de2840773db5f930c69994e529cc8

SHA256
7aa72b87611e17294dd9070226b631a783ce46ed840669ec24cd1fac2658880d

SHA512
823a313d2ef60f2d999b26a5123b9cc1e146c42a08628e44fa0151524b81b06e6b8370e002e750cf5cd89f7cbd36acde206f724929b93fb55c35286950b5b811

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
240B

MD5
ca476270b2bf12a780dff0db9491dc91

SHA1
40788efbb4e81ed333a7e3fe2d22115fe8a66755

SHA256
b5877d54e09f67aeff8d764ee75ddffcc5869b75cb8dd2179745004b4c75849f

SHA512
a4146808f46f84884cb1f3266b3be7af17a6436c180a337e10efdf66d5073330207a0478344d5b79ca11ac19166f7bb544d1646dfeeec605529755a0526f6620

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico

Filesize
189KB

MD5
1221a812e4c70d38d0283584586c2add

SHA1
482c85a81897f931d12aaa243faac1af4843f273

SHA256
1d52c98af7b40a4d6f209501cdd68263164db4d9dfa6c973983a361aff4e9e1a

SHA512
07a057e116695dc6253b42789220c37bf8e8f93a9b362140fc08bdd9cbfb5ae2432129b8edd32c221eca42ee68b3906cb7b75fc7fca2a1299ae50379396fa9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
638a5849805a5fa6c3aea090628a1458

SHA1
843131774aba4d69e5b2a18dc01e6df30716584f

SHA256
d15d95197eb38eaafdc3a136b75fe8dbde0235dde64d70600951f76f65575e58

SHA512
ff0e8ca1799335c7fc14251c5791182e2b341651b992e17abb1ae123a7149314c0c6d24e63812c74c1cd59c209ab6b6a42871b9b4cf34ad6a4fd6fdee3bdfe3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
724dfd609474a8845b6816c8d4c92b3a

SHA1
7ce75d38a09c7fc8957f623c659864ab2323ae41

SHA256
69c8413321bed2b9c0e01f182f47a304a05bf29928a6c218c57c63813e52f9d2

SHA512
58fcdd781c2ae4a84b958567740c53c59bae930a1c49812801d8db3c44b7396da750c3631f42c96fa43fb1f6109b83a43eca439618f3d3160d8d6f135dade644

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
524B

MD5
ac031e4ab50a861c515561042af07e30

SHA1
8e81cb3849cb49fa3b31be7c35568d1c59b4197a

SHA256
5f7a8cf246b59726904c833e031913104641739728cf4fcfaab7de39b1ed2caf

SHA512
c27304f9cf416b59e313227741e4f896ae3bd40af8c91f7271047981c66f7320360b9ec82d093dfd68a6f6c3ac192ee764ce7d42b86dd9ceb6ca9a0eb316a2ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
691B

MD5
f4c2b7aa9553852dc92c20435ece34e3

SHA1
77a825818ab5de7f4ebdb992411ae894bc61c930

SHA256
3b3e5d6e477fb63649f33bc1f2702588c8925c26012f4c7f7d933e607d4eb141

SHA512
e0f21af0f862e0dff71cd59c8f122419ad1b6b056f683dccb345f7e05a528deadb88d59bf8ea2127c3f266d6882de636bb3f1b483e75a9fdd6686062629dfe95

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
e3a33d0ddade1199c5fcd121c6bc02de

SHA1
d6cf352fa3192e48b70bf74d4f9b241cf12cb518

SHA256
5b4b501b363bd99ddf05c659d0316bf4068f094d54319a7fb12f25809cf986ce

SHA512
23be77fb864cdbd02685dca25503df129408abf8c37e309fb2ffb1553b4f8e5a15c5d7b93d60c66df8228e69be0341f127eefc4678e3ad7ab1fd6a6e86d3e6ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fa0f3ef9730dfc9265476cc55203c3ce

SHA1
c8d83ecd9ba82c661942cf7a3d6684dc326fbec8

SHA256
ea66ae7b53a71e264bcfeca0f88bbf8a0210c121d1edf16969cf95524e4d50e0

SHA512
04b6127569a9852d25682c9a3ffb74a77b9ccfe6f2f93921d2db157dbb0bb5e80f166fa33a9a84ceb1d5ea68b71faf1f405e14d3988e32d7a521bc6beb1d9ef7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
09580a2237b73b132a590ae434366940

SHA1
86f521def2c1c345bc5b6ebad866c93894d739c0

SHA256
a771dfbe9576e4361419678c43e7a98fb77cdbb32e52775d66e2bed5bdbb94c3

SHA512
51fac2be60defd25e46dacaaca9864b989b0b98e76aa0dfd48ef3d5f2215fd52151fad89eaf98e8ca22bd89cecfbe8eb9400234ad870c83022356f8af3a58c6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
4d828f5728a095ced786cef7715b66d2

SHA1
8721ead5a3c2b36485a848adf499eb4e836d1a65

SHA256
e4eb9c072365be26addf1f72d70c6822a88d021a27fa9e4b5b35aa041fb02d4b

SHA512
fac2025ffc3748b42777d8bb43d4ae033645c836309d8bd8f68709260b85be41933ea286729f46e358b277b97a313d59565a81da201438bdf80ac23b13880af8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
884463d26165750daee61a4b0022ba04

SHA1
a975d838b36c014c54386251db5c88c38d8de721

SHA256
b3bba6ed6f2a389c3138d671f71800b6fb582bb3128de150fc578d3ad5ec7c1f

SHA512
039b48ceb92dcb256246889cd7b53c930d4bd2de59511e4369726635a6b7107adc9cc480d5278e317d52d0ecf950a2955a343ec7568b5477c3e581d81681d75e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
01ebe31e4cdc4597aff31cab8e0586d2

SHA1
8113f6c7df84d8638a720a561dba586e4a431305

SHA256
6d036215ae82652a1caee36b4aa6c3c4b5db4bb9d2101ceb7b5b820c2c3a0c30

SHA512
40d3b65ed801e3b2264c860b2d048815c8c608ab6e52802fa09dc4779c5b7b2e2d055a0758edb28e9a95e5ea921c2c20c56ca8c886fdc7fff4d89298708164f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ef940c2acab71f3ed5a647076e2d8d96

SHA1
34f5bd2650fd03d16b7d1fbc14273b2c18bc5178

SHA256
0f9c15c84ec8ff898a5f90f387ee18c15d4464494130ce38ec65fa2a9eecc372

SHA512
2048cea4b6d64d3c5e7f50dae11c6cc0ada59a4a4e45d106caf03c03ea1e5f1503cf88049baec5054c614364a24c1ec01e343721d28f8cfcd2bc8eeae662e5ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e49d61c0a719ca4a8e5a2814fe3b7fd3

SHA1
f8fbfa25e17738286710f29a980f4759124c8c1a

SHA256
6224e9e302b1f8a5424d1e3c6ea427a5fec8192648d25b1ecbb9092669ae3083

SHA512
be02289ecb393e7c8f959bcca96af3f718655b8609c219b6cf974cfc3ae1428715f9599fba7612dc1027477705995992ea501ca2e215dc10e0b7f8cdd316aeed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9b0134f0caea95e3c3aa25ce3bf317f2

SHA1
4806408030c1c9d17ebcf2feb92bce31cb6cd096

SHA256
6ceb40322b914b0d1bc2c7f0bc8c397c33d6a99e56f21d4d742bcd3eba2d3129

SHA512
f3ff3a3ba847bdb028938b5e9fec16f71aaba1c8650cdb0057bf6f0d97b47d498af317eb8d23cef1c149add612a4a413cf7f129caa7c0ec5acbcac502ad1e0c2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
10c6a9a83053678e9acb5e2ad535f821

SHA1
aea60c8a48dd3f33a32d48126fc183be0060dd6a

SHA256
351e6f72036338ee411e22645606950b3a51aaba42a6c7794f20f8b1710b4602

SHA512
941cfb43474b51dd2edc236652af922d0cdfb87758e27b4edc5daf7701c2309444e4632975dab8097a9a977d2c981765450bcda900a2f56277d41d411f52910e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
148fbea27dd491513c2505ae06664bf1

SHA1
e91b0f6736fcd7e2bdc9329ffacc95651de03122

SHA256
294078c6952257c83db25d8de2a1c04736b7234a88aa7bc133800eb4cdb67cd3

SHA512
98cb3048fc03dd4ea01f66888c4dd2f96c2c28105f67b0f7109d2712886abe360989445ca91b6b9a230017fad5d05ae09d9f7d9134b30b6ab308a7b22a85a31f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
23bc0fc9fa73b7f8869a247703ecb786

SHA1
8e6c69f9d37d2af40f9e70785f8d7e0e39fe856d

SHA256
c1b57c3f67dda12744ef74821c7d4487fa365baf5ba6639f38234ca46e5ffe78

SHA512
12edcc1d9cde4200f879eadfe8d92f4182231a715cf381144d6bf82992ae91dde5a6abb2033080aff9e293bc4d8cbe7b99d25da9162d887dfd744fc6382524eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
fb64d29a3ac0c17fdfeba88f1ad68520

SHA1
f5aa2bc7850372559dbf005fa31a50464fd2b4d6

SHA256
f7dd904a8c292e6fa2bb7f4c44fea6e0acefb2b2325001b4285712656bb9584d

SHA512
6371ef7c84fea0bd9fe44ce38222caf11c88c2d1274c35a9d5b66ca453e464c8a6399f274dc3e5de30dbcc6a7989fb36a5199301ece14c294a1a09b2e7b190d9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
14b4c17370b8b99bf45264e6a801147e

SHA1
c8c278f45be86f486cbfa8b44f5ab15900831e22

SHA256
ade8b8b77b60c8a2ca7cece133ee8c64ad3c3619ed15a368f8836b7e057ba8ed

SHA512
084fad51d2a0e2da48e6fe2ff4510e612cd5a39a952a49f9dd92a5ba81d617e34b1e16be2b40e6c7db4587b58964416cbf878159529ff939b47160b25de8d0b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
627a3ec72d259f4585858cd055bb0faf

SHA1
1c803f80b395774ef401f8bc40cd316280b59bcd

SHA256
36d80d17e29f34d9a473f1b8a94ebd1fd09528c79f31977237ccb296b5743eca

SHA512
cae8441bea87836382b753c8eca166a4e2c73560db93408bd3b094a8031c9096e94d9b46129be7738fcab3bb74dae6fceb2a320fcef71744592122e3999fa840

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Search Logos\logo

Filesize
37KB

MD5
dc22b2142713590e38c3125ecaf8691e

SHA1
202f2e1b3ead53bdbbe85bb455fb3ac907f4ac21

SHA256
daf97e890462250124ce916d99abb9861b719519d0a41431d6ebfa090be07665

SHA512
bfcab6d49344f0ff8b45fd4533418ab27f5db9080b42a29fe308e8c8559a986c1107260dfa75204eddf9e1c6a4770c01784c0cb9eee21d5f4ac28a14da4e2dad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
b58a3512310565dbccae8a4c0fb1676c

SHA1
40b31aa7d55787f4571f27987d6b3fe848fe4fcd

SHA256
00584aee96665b00cbbc8718da2f4b46fcb5cf46d6986e93dd22d7f765f310d2

SHA512
8d4827300739927381a5dca6e76cd8d7e0ff197701f87594ae89f4782e60c751bbab521c8979a0b05748b97aa90842866f43b6727739ad4b1475869aa869f1bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
227KB

MD5
96cdce249b54f90b36c3a2b91228df0a

SHA1
ca0f64aa3c130a1d110e3b20f3d243b419cfceca

SHA256
cf6bdf73780530043fec8f5d58d93f806d620f0099b37ee30ae7e91340174e3f

SHA512
7c2bfeeb53bdc9d24d1f951c3a319bb27cf123699a650742129780e6fedfb9f940f074676131ff2c4760feaff6374a4d95d54f7a9f4893372e5218f121a01e09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
a9208e9596a9cacdfd3bf2292cba0fd2

SHA1
4f934a936e126ca7858af8a7f0b42bbbc72e4482

SHA256
dcca175448ff349b44128069db374dbf8535f6e383d6c2430ab3aeddaa02aa04

SHA512
2ff3ebd7c367cd4b87aad5eeeed03000129e388e39a1f129aeefda09180445d5ae6dbfce2cbf0d0a8b21fdb915f151f504dd635df65282e7e8591b1069b81b12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
58854e57fedede08b7d3ab51f2f180e7

SHA1
679a3a31632ed7ca748dfa82f1f5a654ed2b3d3e

SHA256
f97d82216092502831d236262856f152695246c3abbab26be43fc31e4938d4e4

SHA512
38feeeb30e46df6af70b795a62b307dcfa03e0fc4f2829a1231bcbcf52d58a9f1a18edb8227f0d25843c02acdf17b5fdd83293e8e5ca1bfe6654e20df2e61a6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
0bf1e4a028ed32e2d5e15b6903702d43

SHA1
7808e113484c181aa741264170225926b0f53793

SHA256
47b165f2e0dbf56b289f6c52c4543efb017efff5f5d4c69a68c3d4693a68c682

SHA512
3a74eb06f89f4b5aaaa14cd2a78e8ca34d69e1876165fe16f03712417d890220ed8d961615c8dff7035732841e6c06770047150188b7b551b5976dae015c98ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\js\index-dir\the-real-index~RFe5f37c2.TMP

Filesize
48B

MD5
49186fcf17a366286b88763525403880

SHA1
2d03073ce195403507453901d7f0a185e0b5ff16

SHA256
5ebdf8772cf34bb3052561dfd50bf576518b5f6ead0b38d5ffca3083b3f3acaf

SHA512
15af1e8e1cec6b519840f30c1305b29fd25cfab8b8ab04287213e0a7528928e7966993794084c54a345e1b3a4d4ba96d4b61f1450ffd8a1e144d34fdec7ed881

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\wasm\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\DawnCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\DawnCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.82.1_0\_locales\en_CA\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.82.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\GPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Network Persistent State

Filesize
885B

MD5
8e8a09513d134e8e4e06787a4010317f

SHA1
0c35f8eda7b6723ce35390a4e65c6a6dbd8fe972

SHA256
98976cf5e2c2addd5acea779b145510d9483b4fc5c7c75d0eb22b00651bf2e75

SHA512
1df259c61e234427c5de49ca4508924abcc1c267fcb4bfa2f96d1056c907141846e7233977135059d66615d8d72bbb2c704762309018a91314dde8eef9f8b949

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Network\Network Persistent State~RFe6003cd.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
797e0c9fe9d38353f4e6a2337772e1f9

SHA1
5be74d80ba8111900ae0975c6cffde0d073c74df

SHA256
9b45c28f06eb5ec877a379f08bf27555953859ab0a9dd94e0d346277d76fe2a4

SHA512
b784cfce29bf3f59fd5b3c5623bb9f9339fa0fc06c68c1d6a71147ac4787c941dfb7c41dd1b97ea9780c0ad987787ce44c23da5397538763b9a82fc2be21d733

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Service Worker\ScriptCache\index-dir\the-real-index~RFe5f4511.TMP

Filesize
72B

MD5
a04eaa889baa7865a783a1c87221f519

SHA1
1803379b81f6590eda6091274898bd20ea634473

SHA256
17eb5a2b1690937659bb5df005c8ca7a77c684149bfafdc7d23f214122415450

SHA512
3ef8ab68474569acc11407ea44d825564d7771e6d9fd478f995b031c131cb3c878a7ec65b411c6501fdbd0c4859aeb52a1fa208f713e3ffae1336fc2c0a79c5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\32.png

Filesize
1024B

MD5
ca6289a7d8f9ecc17f8de717faf1af27

SHA1
4ccf3c6a9291f0a8a3090c22aca6f1872c860073

SHA256
3d7283090cf1a87baae4032266e4d144f7ec2ea465e7b2bf02728aa394c678f0

SHA512
100fb108d3eb74eea016af82a5a6758f22173b3d9a60c5237e9a570aa14549397b224d9d4234661855ffec47930a33536d05c0eb56ac61c551184fa89b18697c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\48.png

Filesize
1KB

MD5
06c47df56a44e6ec6ed68a0c1b13fcf1

SHA1
d081069ab4c69925e2c5a8e7bb9a683f620dadb2

SHA256
6e21221baad8ccd2b71542f9d3194dc5868c0f424fea640cd4915fbdb32f4804

SHA512
e23731119c43850604eaa83c7fc17cff43681890ba3e144cc0b97cc8b33dc3f90a5370c7ae599c5469e33fcffed6492308451a0f3699bca51df665a70329a569

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\64.png

Filesize
1KB

MD5
fa9b6bd6c167dc772018d4105b7f3afd

SHA1
5a8b1a8bec14f864d559667c79683735508a8036

SHA256
2a8f1a1cfac4fbe96a6cb69e9e621201875cc45b2e60bc75b08ea193c759e346

SHA512
db8b36ed049e357346a6c249dacf54a78bf7395ab8a3c8f8d2aa8d575193f59959cddfc7e1ec18b32a029aa1cfd42ffe30149d74de56d88baa0583a6c00d9a9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\fb46ea7e-a9f1-45a7-a8ae-a0c5fb5dea03.tmp

Filesize
6KB

MD5
e4da290c213da8e9118b3908ab2472e7

SHA1
f053b8faa04c01a1262867702bdae94f7452f371

SHA256
539c1a95e1840dac32fac89a6ed0e9afdfb71b9b5f3a1750ba37c74eed700071

SHA512
9e242f4d6900dd921cbd4b1125e6fbed1f809ac245c78679d721f42fa92ad6528857e924d3fb3144c66c022101a50863f7dd601d62eb165435b32170e89bb62e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db

Filesize
28KB

MD5
9793732669e015860360821dc18a4e53

SHA1
f23db7cfdd5ac56c8c91569e4dd3b262e6bf3bb2

SHA256
c6a1c7d1d05081a87299bec874abec55fb635f88dfe2e67e2732a9227f5a61d8

SHA512
f89a3f2077813a9b1b94c7cd5ce38eaefb23f2c822de7167656ae2983f9b3acfbdc31c027b678d81db47fca54ee971527758d1a8b0de1499c56bb9c16c510704

Download Submit
C:\Users\Admin\AppData\Local\Temp\b1d48bdf-0952-467f-baad-0b32d14a341a.tmp

Filesize
132KB

MD5
e2d2f826a2253da9da88faea320734db

SHA1
17b24a01c01485399600196b6aa68456f070942f

SHA256
e59d727ad2f2ea2612506af5418a2ebf5974f16f7aaa9f7497bc92d75a451624

SHA512
ad0686dab396d77cbf6a39628aca8a712793257232eaf43e4cd27a27b32a7411fd2755bcbd92d3a9a7acf32b0e7974ac65fbc5b28615d91f48558acac7af767d

Download Submit
C:\Users\Admin\AppData\Local\Temp\de044e0b-117d-46dc-9131-427f3f6d7849.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir4972_1079446164\CRX_INSTALL\_locales\en_CA\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\Desktop\Work - Chrome.lnk

Filesize
2KB

MD5
70bf538ac1534853d505e2702412a02b

SHA1
ed5be82d5dfba6f5e6dfcb0c901be456f3949f9d

SHA256
f26e182649d01837b6ef19169ae3bf434933d4a7585c7f80dfb81eb85eb0ef27

SHA512
32be95b110a757282bf522a67657f752a9281a938e721a69733d6f68b201ba12fb25762a2336889a45025b12c920f5c63c429cac9975a92cbba365915e41cfda

Download Submit
memory/2024-5-0x0000000008810000-0x0000000008818000-memory.dmp

Filesize
32KB

Download
memory/2024-1-0x0000000000BA0000-0x0000000002BF6000-memory.dmp

Filesize
32.3MB

Download
memory/2024-8-0x000000000B440000-0x000000000B448000-memory.dmp

Filesize
32KB

Download
memory/2024-7-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-10-0x000000000B4E0000-0x000000000B4EE000-memory.dmp

Filesize
56KB

Download
memory/2024-4-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-2-0x0000000007A40000-0x0000000007C02000-memory.dmp

Filesize
1.8MB

Download
memory/2024-12-0x000000007492E000-0x000000007492F000-memory.dmp

Filesize
4KB

Download
memory/2024-11-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-14-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-19-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-15-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-0-0x000000007492E000-0x000000007492F000-memory.dmp

Filesize
4KB

Download
memory/2024-17-0x0000000009130000-0x000000000913A000-memory.dmp

Filesize
40KB

Download
memory/2024-13-0x0000000074920000-0x00000000750D1000-memory.dmp

Filesize
7.7MB

Download
memory/2024-9-0x000000000BC30000-0x000000000BC68000-memory.dmp

Filesize
224KB

Download