hxxp://reddit[.]com

Analysis

max time kernel
974s
max time network
824s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2024 14:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://reddit.com

Score

7^/10

paypal discovery motw phishing

Malware Config

Signatures

A potential corporate email address has been identified in the URL: =@L
phishing

Looks up external IP address via web service 7 IoCs

Uses a legitimate IP lookup service to find the infected system's external IP.

flow	ioc
308	whatismyipaddress.com
312	whatismyipaddress.com
313	whatismyipaddress.com
314	whatismyipaddress.com
315	whatismyipaddress.com
316	whatismyipaddress.com
317	whatismyipaddress.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
1434	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand PAYPAL.
phishing paypal

Drops file in System32 directory 11 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jcp	svchost.exe
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.jtx	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSStmp.log	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00002.jrs	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.jfm	svchost.exe
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk	svchost.exe
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.log	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSSres00001.jrs	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSS.chk	svchost.exe
File opened for modification	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat	svchost.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	IEXPLORE.EXE

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 33 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "31147407"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "511727450"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{4A2EA398-B182-11EF-AEE2-7ECF469E42CC} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.546\"hypervisor=\"No Hypervisor (No SLAT)\""	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\IESettingSync	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 10db78218f45db01	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\MINIE	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\VersionManager	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000086445aa8a430244a91c2b800ab210a5100000000020000000000106600000001000020000000ca48e2c9787107409e52515f544cc3f0a0ca4690e3e7bad7daf6499e1de74bfc000000000e80000000020000200000002b4a1a549af9e65172791e09d6c39832f04d50d54daab1f8a2654a60d1f0fa8620000000f6ff52f5355d6658d1a2914877c7a1706cfcfdbd3081414508f65a4e278b355c40000000d75bdefd28881b8d12d60be8842583475ef16ff9926bf17e7513e24adadf7928084bbc361fce9e33b40536914a0ef7921316ea53e7fbb920a5721ce558fd13c2	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb0100000086445aa8a430244a91c2b800ab210a51000000000200000000001066000000010000200000002c3d810002881bbc2a76f995bdf28a3178ad46996b4c1bb41723498f66f0a86d000000000e800000000200002000000008f1d90d14940adce79584872a66aaa036628a4d04a86aed22dda88bc05a2bbe20000000e7c354e040535f632731d5ef7bd516f3f2cac9c8751485e3aa599304bd85bbb140000000f7ce5322d20719f03b6b082112484ea895b2dd72509f9da7c30d69a28b7301e2ba6fbc2f014d43727c47c395498d848a72a5a14e77c6ccccfad6cd71986a026f	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = f05082218f45db01	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\GPU	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "2"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateLowDateTime = "511727450"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "31147407"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133777095162596553"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2437139445-1151884604-3026847218-1000_Classes\Local Settings	mspaint.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2437139445-1151884604-3026847218-1000\{C45176F0-A790-41B3-BA21-D475885CB616}	msedge.exe

Suspicious behavior: EnumeratesProcesses 27 IoCs

pid	Process
2064	msedge.exe
2064	msedge.exe
4468	msedge.exe
4468	msedge.exe
4868	identity_helper.exe
4868	identity_helper.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
1260	msedge.exe
416	mspaint.exe
416	mspaint.exe
2040	chrome.exe
2040	chrome.exe
9208	chrome.exe
9208	chrome.exe
9208	chrome.exe
9208	chrome.exe
9056	msedge.exe
9056	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
6976	identity_helper.exe
6976	identity_helper.exe
6292	msedge.exe
6292	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	3140	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	3140	AUDIODG.EXE
Token: SeTcbPrivilege	2764	svchost.exe
Token: SeRestorePrivilege	2764	svchost.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe
Token: SeShutdownPrivilege	2040	chrome.exe
Token: SeCreatePagefilePrivilege	2040	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
1864	iexplore.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
4468	msedge.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
2040	chrome.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe
8164	msedge.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
1864	iexplore.exe
1864	iexplore.exe
4164	IEXPLORE.EXE
4164	IEXPLORE.EXE
4164	IEXPLORE.EXE
416	mspaint.exe
3840	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4468 wrote to memory of 2100	4468	msedge.exe	84
PID 4468 wrote to memory of 2100	4468	msedge.exe	84
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 4252	4468	msedge.exe	85
PID 4468 wrote to memory of 2064	4468	msedge.exe	86
PID 4468 wrote to memory of 2064	4468	msedge.exe	86
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87
PID 4468 wrote to memory of 2768	4468	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://reddit.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffefb2f46f8,0x7ffefb2f4708,0x7ffefb2f4718
  2⤵
  PID:2100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2152 /prefetch:2
  2⤵
  PID:4252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2392 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:2768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
  2⤵
  PID:2736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:2016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4004 /prefetch:1
  2⤵
  PID:1932
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 /prefetch:8
  2⤵
  PID:2916
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5760 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5880 /prefetch:1
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
  2⤵
  PID:4476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6156 /prefetch:1
  2⤵
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4996 /prefetch:8
  2⤵
  PID:1448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1
  2⤵
  PID:4208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:1
  2⤵
  PID:1256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,7379562619800022637,6441464895431054991,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6288 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1260

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4040

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1424

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2fc 0x468
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3140

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2764
- C:\Windows\system32\dashost.exe
  dashost.exe {bccbb963-a058-4cb3-a409503b3623e49d}
  2⤵
  PID:1124

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -nohome
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:1864
- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1864 CREDAT:17410 /prefetch:2
  2⤵
  - System Location Discovery: System Language Discovery
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:4164

C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Pictures\LockRedo.jpg" /ForceBootstrapPaint3D
1⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:416

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
1⤵
- Drops file in System32 directory
PID:5032

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:3840

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffeeba1cc40,0x7ffeeba1cc4c,0x7ffeeba1cc58
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2024,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2020 /prefetch:2
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1808,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2088 /prefetch:3
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2300,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2312 /prefetch:8
  2⤵
  PID:3340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3164,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3184 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3204,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3232 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3744,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4848,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8
  2⤵
  PID:4712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5024,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5044 /prefetch:8
  2⤵
  PID:1196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5248,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3480,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3176,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3512 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3232,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5408,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4068 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4800,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5492 /prefetch:1
  2⤵
  PID:1832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5604,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:1980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5588,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5144 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5728,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:60
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5724,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5976,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5992 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5984,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6120 /prefetch:1
  2⤵
  PID:4864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6264,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:64
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6276,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6308 /prefetch:1
  2⤵
  PID:2852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6532,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6544 /prefetch:1
  2⤵
  PID:1600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6672,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6684 /prefetch:1
  2⤵
  PID:344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6824,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6836 /prefetch:1
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6808,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6956 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7100,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=7288,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7296 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7492,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7136 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7696,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7704 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7556,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7724 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7952,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7960 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7944,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8096 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8224,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8244 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=8268,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8376 /prefetch:1
  2⤵
  PID:5512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8536,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8540 /prefetch:1
  2⤵
  PID:5524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8672,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8684 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=8692,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8816 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8840,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8948 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8956,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9080 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=9088,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9212 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=9340,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9348 /prefetch:1
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9492,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9480 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9612,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9472 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9648,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9748 /prefetch:1
  2⤵
  PID:5600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9868,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9888 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=10144,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10164 /prefetch:1
  2⤵
  PID:5616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=10188,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10280 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10400,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10420 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10532,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10544 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=10576,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10676 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=10684,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10808 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=10128,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10936 /prefetch:1
  2⤵
  PID:5664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=11060,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11076 /prefetch:1
  2⤵
  PID:5672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11196,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11208 /prefetch:1
  2⤵
  PID:5680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=11216,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11336 /prefetch:1
  2⤵
  PID:5688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11576,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11592 /prefetch:1
  2⤵
  PID:5936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=7280,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8532 /prefetch:1
  2⤵
  PID:6912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=10836,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11964 /prefetch:1
  2⤵
  PID:6552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=12260,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12280 /prefetch:1
  2⤵
  PID:5784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=12584,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12548 /prefetch:1
  2⤵
  PID:5832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=12720,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12640 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=12728,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11860 /prefetch:1
  2⤵
  PID:5824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=12484,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8104 /prefetch:1
  2⤵
  PID:6924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=12844,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12864 /prefetch:1
  2⤵
  PID:6644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=12888,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13016 /prefetch:1
  2⤵
  PID:5828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=13024,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13152 /prefetch:1
  2⤵
  PID:6664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=13296,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13160 /prefetch:1
  2⤵
  PID:6648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=13448,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13492 /prefetch:1
  2⤵
  PID:7444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=13772,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13788 /prefetch:1
  2⤵
  PID:7752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=8976,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13752 /prefetch:1
  2⤵
  PID:7760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=13432,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=13920 /prefetch:1
  2⤵
  PID:7892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=13952,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14020 /prefetch:1
  2⤵
  PID:7996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=14148,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14128 /prefetch:1
  2⤵
  PID:8068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=14324,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14276 /prefetch:1
  2⤵
  PID:8128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=14400,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14416 /prefetch:1
  2⤵
  PID:8136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=14580,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14260 /prefetch:1
  2⤵
  PID:7104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=14556,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14720 /prefetch:1
  2⤵
  PID:7532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=14736,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14456 /prefetch:1
  2⤵
  PID:7652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=15000,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14732 /prefetch:1
  2⤵
  PID:7720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=15148,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15136 /prefetch:1
  2⤵
  PID:7940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=15276,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15156 /prefetch:1
  2⤵
  PID:7568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=15272,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15460 /prefetch:1
  2⤵
  PID:8264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=15264,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15592 /prefetch:1
  2⤵
  PID:8372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=15584,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15728 /prefetch:1
  2⤵
  PID:8544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=15464,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15904 /prefetch:1
  2⤵
  PID:8600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5100,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14448 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:9208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=15540,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14200 /prefetch:1
  2⤵
  PID:6188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=13908,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14020 /prefetch:1
  2⤵
  PID:6392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=8660,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7992 /prefetch:1
  2⤵
  PID:8208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=6864,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:8320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=11236,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7256 /prefetch:1
  2⤵
  PID:8560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=11528,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=15604 /prefetch:1
  2⤵
  PID:9096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=12756,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11584 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=12752,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11536 /prefetch:1
  2⤵
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=11852,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12772 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=11972,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11980 /prefetch:1
  2⤵
  PID:8676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=11832,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12336 /prefetch:1
  2⤵
  PID:7452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=2776,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=14524 /prefetch:1
  2⤵
  PID:6664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=12320,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12568 /prefetch:1
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=6688,i,2232574001087954973,6094834366984878081,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6780 /prefetch:1
  2⤵
  PID:6488

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:4160

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4464

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
1⤵
PID:744

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.videolan.org//doc/
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:8164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffefb2f46f8,0x7ffefb2f4708,0x7ffefb2f4718
  2⤵
  PID:8932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
  2⤵
  PID:8572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2536 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:9056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
  2⤵
  PID:2820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  PID:5852
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:7708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3532 /prefetch:8
  2⤵
  PID:6712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3632 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:6292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,14759441817388636330,13993742755143357381,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
  2⤵
  PID:6876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2380

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6380

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
ecdf34399f1fa07e0a3cc2eaf7325dce

SHA1
59738bb0724f41bc9ec0a6b760b336c73d9e41c1

SHA256
70714b4a305af004dd1ddbe54f9a4753c2417198cc088f8591778cb7683d9346

SHA512
b3a61e9fb73bbde0b10f428cc1a4bc3369c8c1c989bbc5f19c88ccdc132259d0e6f155f0c7aab1e5ba8a1451670b6da04cb957ba55980055e73a5cfe4d8b3bf6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
41KB

MD5
e319c7af7370ac080fbc66374603ed3a

SHA1
4f0cd3c48c2e82a167384d967c210bdacc6904f9

SHA256
5ad4c276af3ac5349ee9280f8a8144a30d33217542e065864c8b424a08365132

SHA512
4681a68a428e15d09010e2b2edba61e22808da1b77856f3ff842ebd022a1b801dfbb7cbb2eb8c1b6c39ae397d20892a3b7af054650f2899d0d16fc12d3d1a011

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004a

Filesize
67KB

MD5
ce58019b091dbdb1895be63d765b1177

SHA1
37a38458a92835c43b270069c0629c6975b2ba69

SHA256
8defb86fd585d1e578370bac22698f0de49d509d7398a0e83fbae7a9d11e0fcf

SHA512
36be843dd5630cf0c76219459b2ff946fa91ab90be31e3ac62452642a79a062b9d7aaae14a0ad8fd92b1a6d468394f1aa8bfe45f262f33e34048b46e046a1b27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

Filesize
22KB

MD5
8c894e50eed8da055ed2bdcddf6ab7aa

SHA1
985d3ddd7d400b094c709c87635f0eff12518caf

SHA256
16f60f17bc52930c5f53a4d96be8fa17fc1da45a9af772e6643ccdf275182674

SHA512
846bf7bd1efd5d9164a5ca3994e7aff9786141a1daf56913a62eeab3c6a6e0dfa5197f6abff90d7523ebe02924fe0aa146997f0af7ba010235db4cefabf608ef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
84KB

MD5
ba0e9b1010529c149786d5809ad4b1ad

SHA1
bbae811735878a140dd6d27f08a0fef27b998a5e

SHA256
31b3f39fc59008516f547bd694a30670881db0cb218c99a83da205f0ee2acd1b

SHA512
44387364c33abb95713e2df2c5d50ee3c8c9c869d67e276a17617c4ab8fd3a243a100e957c9a8c3ed5bc04cd00fb37af6023880bfa58fe5e754f28b3634437e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

Filesize
46KB

MD5
4b7071f9344d515fc2ede0d127114ec5

SHA1
d18c949da10bebf86b14532975dc1dbd5ab32134

SHA256
b3cf2dfb0cbbf86be6cf8da5c6dffa3bbe960c70c369acf0b83f2d1ad16e7918

SHA512
397a2f7db7bc38a6212f019df1e9a48cff72d2b67cf82576c60aa5ef5e21264e79fc8f939ac6346b862c5df5fb8a3aa27c908aacec1174225bd8bf89727e5cec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005a

Filesize
20KB

MD5
b2442bdbe1833cafcea521d6c61ebfe2

SHA1
1a4efcc6c95879a3dca4b977eeada5a87a070ff4

SHA256
3253fade0ab13b0b93dd0163d0809c7ac0c0ec7b6b7a0ed2916f763636cd77cb

SHA512
a4a5881ed0bc829583a9f914708e9e8b61793aa0f895eba7617f796dff16cc46702a27385a341da6428707d7fbb37534b969e843fe508c3ba948677c04e52a70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
20KB

MD5
01544cec8ea1384b58d63e4c1955b9ea

SHA1
bda9a87449eee2fd053b56a7844e00b1460eea52

SHA256
f4d9c14f01e2caa05f3aee0e1c6b4bd282584365271ae8d484bb9c074e6b039a

SHA512
f45d85a0230e51b1942ffc2e133512b622ce0b07e4687e1227a3fb4feff3d269a75d7253add58b158eb03b88972117a38ed38db5bd225d2dab39255e004c713b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000070

Filesize
54KB

MD5
32a799fb5d3dba2370df157bb6e68e10

SHA1
cd183ddac04aee7342b6da8e2ba0619f69c8074e

SHA256
b2a24bc380a2bab6aa943faf14895813d503b16d2e143d32b3390eeba90b839a

SHA512
542eb58f2fc5bfb86be939b8da0c6cd657cee59e59d29e00075cf229cc3e54091cc0351d034d18d510fbb953cc534f8fbcefb99f70a90066c71c43d37ae6a0bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000071

Filesize
28KB

MD5
c3df0abcee99bc052cc5de9dc1b57bc0

SHA1
3047a6d5642cd367ac1c9f81e2471d3e31724854

SHA256
52742406fffddb5df0f2e85ef551557bdf1ba9e0a97c1bc8d534a02223452352

SHA512
72cbb18d3334e7955a1c7538205019b2e735b5016dff23ac66671b43bb1a47853e319f2a40712d2254b5e2ba71791228ddfc20c9f04f5b3a524535c7f7009594

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009d

Filesize
72KB

MD5
3cc209ef343995d27cffc833c9973482

SHA1
c874d519fa38ecfdd2868dfc5dc8ea8593f76da8

SHA256
9698ddecdddf2dc664b9029b8105a9fa7eaffe887139f3a3ae1b1797e142a6c5

SHA512
2aa8332c660868beb3f8fc680760af36ef8c7f04dd9b32e593c1215e3f66582935230de251bb7a7b826aab2db80edcc2bbf2dd7d5e3f65e10be6aa8a56466e02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00009e

Filesize
22KB

MD5
6c639482f471b4bfc4fe3851fb65deec

SHA1
3e10f5c97d88c817cd5745a10488742badda7576

SHA256
4d88e01e7d5f4ac736cc8b5df14c801ed254a86c88602ff7938949d4298890f9

SHA512
54eac895bac6e81d1317a82834b5a838875519714893f14a4eed4c5effbaa7c0ecf10227228928b9c24d7241aaf1fa42a1d9c7934bee203333e2b73a088f4232

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
69a6ad84a25c2ef27efee24cfab1c535

SHA1
e922ccd4afaa0a74439a9fc8997f11ec1f428f30

SHA256
07ec4d65099ef4f0131e390b75d02cea6e7e9b4b918b3a445381ac2a79c4c243

SHA512
bd740037523db3ed268ba03862b27aee4015239f30f2f56e13651f2395c16446cd4f42958ccdbb831af48c871a17e2e720a5a5ca1f0ebf47a7cf6029146f3d6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
480B

MD5
a038e6364334dab16de94d3f8b38b3c7

SHA1
d50bbfa95692657b6d770ec4970f660291d731c4

SHA256
0e468aee318c408624ad7b80488717d973d4ec1b398edeb0ea2d03b8ec6442e4

SHA512
a401ce554d4a29120b8db563f40655190eba3ea30e308dd8b983ec09eaa15f8cb6f5e1d50a0cb3fd066bd7f66d664011d8ee799b345c2771d1926bcb444d17db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
9152cb0a81a7f23ad42ded739c564465

SHA1
4c78a14cdc5cd2cff677e058747230e9cdbcdf14

SHA256
1aacec7f5c3b334dc9878435554ab8ab8605ccfd1a4e3433a2d44b882e8555ff

SHA512
c9d3fdb6649d46f3f6f6d62ac0e9987a3b1186dcef25562582ae9445b900fdb4fd502e266bb48c8eb9cee59805b0233fabf6d27f28bdde554ef3524faf3e9e73

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
d3801623bff9ca844a5611e1c91f83c2

SHA1
3595fdcd636fd20e47989b471a7ab7f4d25ddca0

SHA256
880991f3fae3060f5a953d6f07b5785a8ea864f8cd24892385b211bd255c708e

SHA512
456d32ac3febe874f03834cf0601ebdacae60c76273291988cbccbd70e86a4b101e7675f818f3396811582788f40ae505f4b9b92cf192d18f03c8bb1153e3aff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_whatismyipaddress.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a16909390fe35d96af02a0ba40e9965b

SHA1
82b1dddad7e555f1a04ceffa1af44efaf0ce2366

SHA256
4c088b178755e5b6ffbf3dcf95cf8eff5d41a3d4584ae8505b2bf5c4ad86ae29

SHA512
f34b835864b88dd502e305356325be9c61a8a2fac1bc8cbe30a479f48ba4ad78ec6073dde756be540a8c1291a0f2d223625fed2a57109bcdc0dbb6b1caabf812

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
60KB

MD5
0fbe4dd057d3e5396517ce79cf473a19

SHA1
2ded741e68708c5fe5bb81e7c0ac4f45114ed354

SHA256
35336c6d5a1ccfc8015ed50d9fae19f79ca4ada828b81040b9085db7a0062acc

SHA512
07bcf9299b7ad0acb90dc8e3b1b2306e65653fb713b516bb944ccfc21b081d39627092e68019318aec916580543cad8985ac3820d9b77615912d814afe5d525d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
fc4361ce588af3d305c0e9fb52693b6d

SHA1
e9d89c8908895e9cb6854ce0a5257ff916318caa

SHA256
3386b72d0f53d4447d34d98bb0f548051e2a431e5e4cdaecdf4df62fd073cdce

SHA512
44c1119b077c1ad883cb614a223482d99d228acb95a4d5558d25b854af3e6719417b7d6edfa86a940546884cc32c1a3c243b6abec5a1cc346c76f447606e27ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
1241b032a2c9e2d81820435fe86bb418

SHA1
da037d342b37e477d8aa03c6f49827ba5e7f2026

SHA256
8dd73c58b64755e96fb66ea1953f4d9fd6e60018a40400c4beb34ee8e09ef5f9

SHA512
c912a4556a2dbae8a10d62271b4639cfb93383cf8b66287bf533316e50e2d102717872886a7e58099fc6cfa93d97ac2cf5106f2ef73251c03c84b7e53460030e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
b83dbca4620e6822090c1664570dcbe4

SHA1
9c621ef4849ac87a30910f8832ffbf8ad7ada9fa

SHA256
d6b49bb88d991fb32872b4febcd527fb5de53f756bcc9068fcf1d32873d56c31

SHA512
5bf62742374794d6fd194facb3d83d66ff4b5eed4ea59e422289129fe9cef8b55f1b7aa1a2150f86836b7ad0370005076065f1ea19f4458b2296e045b0a11d0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
5333900e3c2e0a7ec3759b47f87cbbca

SHA1
4b6991cc780e78c15a94dd2ed499e806b5f21275

SHA256
91ff61b0dda9abcd5135d2bbe7d60a9b012d42ddaf1f45ead6439510cd9c2345

SHA512
5d65b03f6f1f8035185366b76f91593671814aa22f1f6a43777e4ed31e95d24a89aa65fdd19fae6ff7b8c1c5ad78ffb2cd188b42c6d697a4f3ce98b93fcfe02c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
649e7ef9edb3d0f8e8f472be992a1a96

SHA1
5831b16c37284c6401f7d6f726212e2e7d0660d2

SHA256
72f891e58eb30b8403d2edc12156c32f64ea35c23d85ac286e690306c2790b4a

SHA512
5edd5ac73e1ec158029856c67d82d7d574892bd20ef2bca15f5f3683e234173c0f187fd737d25d8dfa6b7f2c5f51a96d0c4f3467f330f84d2ee16463a3ca391a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
37656cdc08f0e903b0733c41a5a274a2

SHA1
a22fb28f0b83a46f8f1e5e4b95ff7e8c1d2f2c95

SHA256
629bfb82345101a6150fa799abf6242211dfd230f9035078ee46619b40033ad5

SHA512
8a106134305397bc97afb8df61756b02c39a944c995caf698bbd3314e469d12874c4fe4dd03f452cddc50f0ea121ff301ebbfe9d9a7c2c71be66e60d9afc2780

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
c42ac5149c903a409e70d27739d2b92c

SHA1
99c6a3dbcd338f72fbe166415d346adc0669a184

SHA256
acd7f53c433790ac25bb9bd5ca53a461c445c61bf7de505fb4e544b2d7d0fdfc

SHA512
f606bc4f4ed2d5525856bb9a02f067ba31c0a96326d8ca79a360f16ae3b3ff176cf59fc3efcf6c27635756aec978b588c4616b2b54c7b1d4d16d1ce456099a7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
a0202b8630cf7ab990697b04a5689783

SHA1
1967e72f3d87e9cfc849cec75360e3e1b4af39cc

SHA256
0b669ee4280619ea6e29e9ced20f64c0368892b720388f6fbb64d098c0bf3188

SHA512
9d045c580dcac3c0b61cc8b8483874766a9b7a076b4f2a8bd4253ceb911ef440ab5bd1773666c0121ee660cbad0d3c1d2f43b2d69cf954fe46a332031ef4f563

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
b16a2b0f70c141cebba03ca3f3d97783

SHA1
7fb070b79866fa09aff21253fb5a98a01d560cc3

SHA256
a7902b4bd325335bdebc0b584bbf65b6c08502c12e4414b61542d5c818bdc77f

SHA512
b9da3336e8d8271fa71e377aac5e86993c2579c02a2447bb0a71e09632326f9b7a1e28e42b128d8ca3040f30ed5c42c19d197275055c20f7fc4a9dc2b285fb0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
cba222d45d066f25ac61c0e85a61d240

SHA1
ff9f50eaa593cb72f62d61e9fe9ddaa317bd5269

SHA256
e44dbdc2dd25eae5fd36d80f07b7ea1880f3e224e963f46dc9d67e9f8ad9f13a

SHA512
2d771c4bc8863cd90b5ccd963cdc2e2fc6e4c6124a79dfcca81c05838a5cc5d468fa7bac4bad8e51a2c0ce0b3c84e5beb2719335658fec8abb885837a9478d79

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
d1a118699724c402c859a7c5b3317be9

SHA1
b4222dd2e4d3d850367739dd014e52eab24c285b

SHA256
2ba6ea9331980a6edaf1da7806cc0ce71d299bc082743fed2304cae64b0fb843

SHA512
ea4f3d36d7c4be8fc999c8481e392b0ea3d5eadb7cce8f86a59746321111d4fa83b1abf283fd5f3ba4005fbdb682df734c107646ee2bff0accd59be4b751f86b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
b3d357285199f4e2d18d446f7a40305b

SHA1
e28f37b731b8cbac767887fa127557b0f7ad559b

SHA256
a278db90160885b05d3b42891d95c9b5a612092d44d4dc25da8fc88974147b40

SHA512
31dde020bb11c59e6979f9fb3536037d0a0216ebaf9769b9561cf5123d1654804aed66aa2b4e3d1a6c57d6e3dfeb2482ffd74ac3b5cf1fa339afbd70a0c84f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
d7100481014fe1b42cd8caa1bb977d42

SHA1
04ca029fe5bde942a3706e6936aa84537eae27e7

SHA256
077ba5e189d7d8c7a3542e959cc95026a46b0bc6997aa06ca9b1c88a20674427

SHA512
79cdbcb7e97dede39b6489b28ad6e968bc578c9b4cace8e6640459540356665cec10eaea4e75019563696e1645b46cede9d02175d6a277233450db50cee5c8f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
58d66ac4140a37e7ed8ab2eeec627691

SHA1
1e9319853e79469b07ff0975fe5dc5e57859408c

SHA256
e6a2053089b615444705814f8b92ba2bcacc50ada152668e5ded0d3926437e6e

SHA512
bf97e22a10e6453592718fc3ac62a4bd24a47f2d2baef0f2f063c699bf5a235863da71bc71253fb484f47deb4bfa083480c452f18d14593bbbd49352086a584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
72fe94f5f388236f13faa744624c34b7

SHA1
763ef897c09b50e59488f5bb11e1645c17dcd5ee

SHA256
d02e53387604088a31c9a6d7d4a2acd9af2201b15a89005fbca7f7db5d75f8d1

SHA512
6463408a3750cb0aac62736c3bea1feacc2a281eeec5b6affa748f8a7e5f33f4d94b423147f991937bc3fc6f36c8487dc66bc981c067d7c1a2296f34cb994bca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5788f4b8c1b8e0f41964a94f35f0608b

SHA1
52e1c42a4053c347ff75b80452de629963479e17

SHA256
3aa5efeebb5e5957071f2385f49e5a0e7f2c38d395776d00ec18f4dce003862f

SHA512
282050d5ea1cd1a2f3311a8d4ff819907135c882a58df37fbe2ac907c92c78de31fe4248482115b3240f7a2f0312674ac90947b30719053ac13ec04ccb79fc45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5b7f327b1dc949e37cb54fc1b0c87361

SHA1
2d15946bd2f6bd3c672e8970231e920ffab2f6a4

SHA256
644f527299434de91eaa504eea02ab132bf0753fa766d386de88c2dc59862771

SHA512
55cf69a431bb266cbec1548ffe1bf6ab2924588475dda427cf5a94233045768eb42fb28ab8aa911e74c6ec368cfcafec405113a15db77f7167308b5cb6adc084

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
d9553499cc02a44ac68661a854a65fea

SHA1
18eb044157f2adfa96520fe3ad7bb508e8ee7a4a

SHA256
ec930b16658e0e3842350bb7580928ce267c85b718196311709df24adc4d0cad

SHA512
7048290a92670d661e25e673b836c2f89e46bf35ad104906f91347d2da4f6faafccf05a5991b738cad10242624c2c251c570d006b2066e006e2102520ef6a008

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
432ca0679939a009bcd2cb634cf53c23

SHA1
0d9cdfb78ec6ea784051be88560a00e0ab880909

SHA256
9532b509a4bfe8a7785c5108c41904f283f2a52ba528aacc361efa21ea65d65b

SHA512
e8c4da52528eb337305afaf992233f9c260bec5704bc6ea3ad2a502534013a370773812e26f55a3527dd0cad714315733700213cb926379a976dc8f0c8939f5c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
12212a73922f04acaae2ffc4b1c7849f

SHA1
24dbec6c23350f91df382764a5c4cc7c8256adb6

SHA256
0fb29f226f059dcad7fa68252a600857249cfb1564529a58d79bbe21844d55d7

SHA512
7869dac9fec8849dc3862809e23041b050f6095df4c0191a817e851cf1f5ea66bf4d48b395456f1c65325cf11066d2db6296ecdb1de323fdf187b6af1769f54f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
c567b92747ac843e6039ad5eea0cce81

SHA1
48a219d3d0f1d0af687c453031191e8f99f08009

SHA256
5689feb77126c709ce87fb734520562edb6927e56adc0f6f384d07f2465e7751

SHA512
cced89cbeb4dfbf191f2790d65b86ea4bee0e74b05e424ce94cf1bee8eedfbc136306494ecd3f15f7b37cc04990ef4c9552a19fd7027d3915308df13c32ee755

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
1de4d8dbff456778c82721ab9da3c016

SHA1
bf2a30fb7749f89bd79c629111bd3b113037caa2

SHA256
bc1ca89e156a35d508012e936824ac7f09b37667405094653c816ed28642d2b7

SHA512
5db86256f6fde748127276f2b78af734445580c2489911d399836cab67a8ec33c3f32a542e569c32bff4c62efa663f03694422561c6dde215597d33805500250

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
eb4dc55f46f8aad77c9eb2010ce92d06

SHA1
4d50349b3ce4944b6b5d9988d94be24f2e2c3015

SHA256
7e3978431ef8c27efc9ffbb4c89c9f7aa7a63864e7653b4769a7e4532fbe5b0c

SHA512
48693496fed09fd0ca20104eab4c37fd1ed0657a48e20a789559187f29d42a060ff405c2de119cbf9be73052acf1fd8f421cbe33eff7bdf9987b32b350077d17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
ee7d2006dfcdfbc51635766ce5b22887

SHA1
b9a86af174a88e7ef1022382bd701810ba489d45

SHA256
c7a41423e65cfa062a36ba34e86cce6e3b30ba336fe6d13f79bbccad8df8b37b

SHA512
f5e05fb207f7020d75f608749a4df283fb3caaaa8ba58632aec1477749bf4896e86e4df0ddd3f50ecd609ba75d79f401c79e6729b79a4eecc1d93fd2bbcdd182

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
d7e3fd22a1bb4bca0fcd6450228f0a18

SHA1
b7b39d353706b07fc8da3e4bb30e7b9a15183761

SHA256
b2efcf10783db6c1f243caf120888654010240ffc329a2975bc282ac15591d51

SHA512
ed0123b7680507a99fdf57915473d8f73d8aeb55f55f6c495cd8f4560a2e53f2357aad766d2c87cec930ba6462e199b2bb7945c42ff6c65d8e2b194880a36086

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
0f76911cc115570302c7ba68a3889387

SHA1
37c37568e5b9536e7fb2179dbf5f64ea1fe6e8f3

SHA256
09cf2a54486f21fde978824de82896ccdfa3eb8a2919bb498b9e144eadd40047

SHA512
0b573958b9352debfb6ab6215c2682d8567d8e7f82f1862f874954f32d63c56769c8b7e808889780cfe605565e4ae5175819ba7a9ccf5e6e4cce40cce8da564b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
e7270ea504456dcc0475f67dbabaa0ff

SHA1
3bf1748db4fbc1c0181b97d43b550c211316702c

SHA256
75d71459c204e3c181cd1c6d5b92eef1a746f826444d5f79f117294646967a1f

SHA512
c48c3c78204ab5997a38e163de5ad5ca71335e7b761c74f0d0836476b212ed4a97edb2ff75ed7733d0fd2e7d64c85ccae5f69f9a6f29c4221b5d1e2c3872cd7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
234KB

MD5
11e7d3c839ca0b664538c27fb8f8064b

SHA1
26d9755a9c17dfa4689741faffaf505f2a024326

SHA256
f12dfee543ad7225c33e3d980d688279d7ec7a4a5d0215bb039e1ee2154b5d93

SHA512
0b562599b09a12804b9a3a8712ec4fa160463507bb0df278aa68b25a754ff922e76c363845bbcb559b0f1dfd0ed33355c1f9490a9125d989d0d903b81ed49cbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
0a9dc42e4013fc47438e96d24beb8eff

SHA1
806ab26d7eae031a58484188a7eb1adab06457fc

SHA256
58d66151799526b3fa372552cd99b385415d9e9a119302b99aadc34dd51dd151

SHA512
868d6b421ae2501a519595d0c34ddef25b2a98b082c5203da8349035f1f6764ddf183197f1054e7e86a752c71eccbc0649e515b63c55bc18cf5f0592397e258f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
b0cafa72565b2fa07ef5df1eb72b00b9

SHA1
d23e84ab26707048b3b1025d6a7fa3a7741cfafc

SHA256
276350672a0224e6a8bf090aa4e2c072fba69bb7668ed0b6c92fd3d9fedb55a2

SHA512
96f3ed200c573c9270ef93dea1652e63f55ef1132ac9d9bd21f4031d84fac23cb2d34e9ab26fc520b640670e32f32231ac52d26a5daab3d0aa2f761b01f5f3f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
58ffc60f16e2cc5f57693a21a9b6bee2

SHA1
1c89779940df6c4fedbb59a99687990c45015266

SHA256
2f591b201f1603f3847d9d992c01d3e365ab99fbd4981dd9fc8b019f004a212f

SHA512
ac31dd656373abb4cb59624f1f68808ec02748a64613c82bc5b6eefe9c1b9c70a28b95174c8bed36e479dfe6c66bb7b9fbd8fa2d018645332f79c69d1895f4d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
61cef8e38cd95bf003f5fdd1dc37dae1

SHA1
11f2f79ecb349344c143eea9a0fed41891a3467f

SHA256
ae671613623b4477fbd5daf1fd2d148ae2a09ddcc3804b2b6d4ffcb60b317e3e

SHA512
6fb9b333fe0e8fde19fdd0bd01a1990a4e60a87c0a02bc8297da1206e42f8690d06b030308e58c862e9e77714a585eed7cc1627590d99a10aeb77fc0dd3d864d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\32c61dc1-29d9-42b9-9e7c-6cff24bc6829.tmp

Filesize
8KB

MD5
cae1d1e4bd167ed6a4dd75e65857e95d

SHA1
b126de1812e0b39538fc00ec7c1718fea949ee14

SHA256
9bcfefe45049089d8713ed5a92fe980bdce4e7a24c1378893d6c9806e0cce6d4

SHA512
b0b94f4cff21a328ca63ec2aa70604c8fc145fc143a406c15a1483c5aa6112f1bfa03f6c8c3f572871a607c711b4a6a72ac01d9adcbcdd825903c8edda077ae2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
215KB

MD5
2be38925751dc3580e84c3af3a87f98d

SHA1
8a390d24e6588bef5da1d3db713784c11ca58921

SHA256
1412046f2516b688d644ff26b6c7ef2275b6c8f132eb809bd32e118208a4ec1b

SHA512
1341ffc84f16c1247eb0e9baacd26a70c6b9ee904bc2861e55b092263613c0f09072efd174b3e649a347ef3192ae92d7807cc4f5782f8fd07389703d75c4c4e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
62KB

MD5
c813a1b87f1651d642cdcad5fca7a7d8

SHA1
0e6628997674a7dfbeb321b59a6e829d0c2f4478

SHA256
df670e09f278fea1d0684afdcd0392a83d7041585ba5996f7b527974d7d98ec3

SHA512
af0d024ba1faafbd6f950c67977ed126827180a47cea9758ee51a95d13436f753eb5a7aa12a9090048a70328f6e779634c612aebde89b06740ffd770751e1c5b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
67KB

MD5
b275fa8d2d2d768231289d114f48e35f

SHA1
bb96003ff86bd9dedbd2976b1916d87ac6402073

SHA256
1b36ed5c122ad5b79b8cc8455e434ce481e2c0faab6a82726910e60807f178a1

SHA512
d28918346e3fda06cd1e1c5c43d81805b66188a83e8ffcab7c8b19fe695c9ca5e05c7b9808599966df3c4cd81e73728189a131789c94df93c5b2500ce8ec8811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
16KB

MD5
48c80c7c28b5b00a8b4ff94a22b72fe3

SHA1
d57303c2ad2fd5cedc5cb20f264a6965a7819cee

SHA256
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356

SHA512
c7381e462c72900fdbb82b5c365080efa009287273eb5109ef25c8d0a5df33dd07664fd1aed6eb0d132fa6a3cb6a3ff6b784bffeeca9a2313b1e6eb6e32ab658

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e

Filesize
225KB

MD5
880e2f31805c47b359c78270b423a59b

SHA1
9e84732ece86a713d1e46b0c51182effbe2e0854

SHA256
de2edc92d666485b94a48648861c4524bea3240ae6ba3639572cee652ee68b2a

SHA512
2b4e4f9524f9a399d786b10dffaaf347bb5a13cff45c9b90aedd178f47a51e77999a52a92f6bc1b5e94d07df4568787ba64f9a013b848cccbf374a7c84f9c91c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
dd5620cc5212607f44d512811e536433

SHA1
2a139033ec8fd7e513ef5c22b71592022be65244

SHA256
9eaed03d73104de442df616229bf6285ff8f07ef570361cb94274e174e3aed95

SHA512
a6263e69bd3cf1630a6cbc3c220fea10fd142adda7516a7db379fbfe11ee1779ecf8bc3e9cb3cf69f6560a36368c9f33be286f36f02a15e51e4cb666c5831427

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
240c92f8edb49a004ca5523e0d8fbdd3

SHA1
5d6f7049974ec8846721dd6da36c54407ed5ff7c

SHA256
726dd851e91dc203bd933d470b1f551c16d2c148f6f040bf507d6534e0cf3779

SHA512
fb53db744a0f866055baf8d51f49dc2951d4d99c7161697bda42b3f3cc3a0950a847cf02c2d1c81549f660e33626de8e258f834f7461a6d0430b1cacaa9c6ad8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
8f70b1d90fc5f82ed20a323b8d572cac

SHA1
c7b44e473da2922b5d8c9f3c943381d227c12664

SHA256
ec01bc68adf279e0d23577937a672a2368b0b8d22f3958dbb4883a8a60f111ed

SHA512
ca990cfec169ebcdec99bee2ccaf0ba3ae11e88f1390bd98a38c1c6af5fcbd194e59451ec5aeb944f66e752d4ab1548d5b8f89a490e1150cda5dceec62667af7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
96B

MD5
bd638ec35815d5aa0acb11f1f719a9f0

SHA1
55abfb6bd5e0751d308526ba072a3596dfab88a9

SHA256
a58bb665f847dc1817767a8ad8b24fcb95fc8db2870de22e7dd68b1d1c00193d

SHA512
bed73046d99b3b6ea864cb5f0ec4faa66a4c20c8dd2dbffb684e0163aac92b0de64b8bbed9a69546e8fa15db4388158514ad17dee9bf1d95bae77be2f7e4269a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.reddit.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
f3c0639627561670dc3b6a3e4929bef0

SHA1
3b13c3bab86fde8ce4dff5cb32d9512c483ddf32

SHA256
f7d1e687ea95e695d76f9bf23ac5674e7d57855749ec82be0bdc870757f3800e

SHA512
48441714201491f0c96ff56af9ec9fc039e3aa4ec96c24ca1bd040423726af7f10cd600a07b14c709bfe6330e396338c4699b18ef894efad0afd7b273fde6aa3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
eae6fa56623a3b8a2650a29f2e95e244

SHA1
6fd0906b4b69c8b7c12c1397e27b08d7d087d4c3

SHA256
fd5816dc978074a9427911c4da915f427bbedb74527f532e2b3b77a7135122a2

SHA512
d9d94b5ffeb23512b3fa55d0e9363f2236e203a24a1f3396506dc98891f04716c3f7760a4123d6baa9ee92446b5983d22ff51d824290a4b4caacc824c353abfb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
6a0d20b1df8b9e13da0cff15f781c20a

SHA1
ed7e953890963861f1445995ac71417ee9b9e766

SHA256
d1e44b610e26da8eb8631b7f852f41ce224786305c0675336475bed6f33cce3e

SHA512
8b087914533063e386a2db148c453dacf5a180b0a74442cf13fd2f210ffd12f2259fc9b51d4f9ebbd83758aaf210f0bdc16802abc79204d4353e21581d06a8bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
6KB

MD5
387c5a2afbb9858bbc12148e5783d8f8

SHA1
8dbaaadf791d630d143f89638bceb4e08ec0e1ec

SHA256
376716ed3618a2ee6b5487d033517306e0a6d6f44bd2158a463c55fba9b1938c

SHA512
e50348a154131b6c7be7e6eedc41871d4089437b812ac73c28a843d3ff2cfd4d66b92354ad2df9c762dd6b5af0330f754cabea3cff8bde2ae3d5544785c5c847

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
75f9031085c47184574527b0abb65f7f

SHA1
8d6774a0b9198571cfb80cfed931c8ebc2cd8900

SHA256
b416e6a5a1b5b65882dace7d374c4227f0b5198d2b032482519c5dfb55451ed4

SHA512
121cb93c28fd865b58313e6885aed7b21a289cdefa57eb8b370c186ae134bd4fd4b3208a01479ad20e5de11d3fdf6287fe897ffbacf309130e6b0be8f1b80b7a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
16cba89d29d7cdfb2c6c2f25219ae221

SHA1
ccc24a54ba6244762e26bcfe4356d6357e679b39

SHA256
9fd6fa4297a819cd1e240b26b805d150386410725657492d20e8a16a7b24fb87

SHA512
a0bd6e5e5fdd1ee7a6130e718b9846a3452bcc0ff200819a1c56db4c479c3a447a7a894a191b6843b454c1fd9305fa07e7a4421dad9df5b6a53f3cb6473926c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
a63d92c2217c73761417cfbec9031aa4

SHA1
cbc234c41c47546aea3375dfe08b08fafc7acbfb

SHA256
4360a44eadf1eec4d6206e7684ded091b398d8091b71239d7517e575659d79c6

SHA512
c7989d8731be095334963878f3cae18ab3bdee5e2c44f43a2ddcbca4ebd500735bcdc8cb5fb9f29c1eb17a09c0a965a85d0a4c37ebf0257b853154a3c537e9ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
6e3914650ede553c8cb13cd7441719a1

SHA1
4d273dfce10a7eadcb62b57230895ec1ef2e636e

SHA256
5e07852f377599dfd84f5d330b9813397ee667dc43044f1d44e0ef29b3078f90

SHA512
105482774f839d5d16758251430504cf7f93b31c7289c3d16f6bad25f9ae1ac5267430a4bc100dff3e205ca390104371a7a208052ca283077af5de684d9e8993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
560f1d6c12b02372f7a4045b28e6cbb1

SHA1
e12f7b5618fc9c6a9df2797d2fbf15bd13d75d90

SHA256
77ebf882c35b4ec139ad8dea8a2fa0cdd508bb89f6cb06d9fbe3c7932ff3ef1d

SHA512
b23881e9632d597d24787f94884f76c95e8d1e1089b91da98916cb324044cab92cf45a960946a45f92ad3c71cc5baa799d41140abbbacc14d1cb562188f3e174

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
bd643667e284c97cc88359b223993b00

SHA1
21aa68915809edfcf2b689121374d35279cd079c

SHA256
1182effa2a7e64740489bc8a15e16307d979c9acd579b6dc47d6bbd0a4df9cbe

SHA512
22c14c1f00fb179e9690bb54111cfabb4666a5a51278233f03c8e4ab384c9869f43f0c00101ba4f48732a8673f2a59e230ff6fe3a63ed506cc79f58882899e88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
1bdd3fe83db62b5c1cc9686b80539514

SHA1
0854ef8e1d5b67cd72dca155c9b0a1dee3fb32b2

SHA256
be9ce62ebe38079539dfffe7466e073ebbbb717ed40f0622791ed718cc6937c4

SHA512
483082e6ac1cd5b10c557e62690d4f1ead13ad97530e7f8cbc009276dd2ed92ffcfaea9e64b2b39fcb6a600b432a948181ba498abcd43a7cbeb7de76f379359b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe580ae8.TMP

Filesize
48B

MD5
dff00371c057ab9392a5672dd596504b

SHA1
8eb5d4df6a213ce2fc626dcd02b79b5ff3db310d

SHA256
910bf994ade635dbd08512afa77abe7b45a390bb9b610eaa34c8cfb1e76333df

SHA512
633ad37d8cb74d25257bd09fbe6912e0266c82409302764b5b4b1633966fbfa8ddce9b6e00d7367a8bc0079e8a69c57cd0ac2788ece074cc04ea61d26efec3c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
65c69e9b8ffaaf4af08828abebf788a6

SHA1
740558a10cc7b14d7527f652221f12a227b8b921

SHA256
7929ee775066e63eaac0d915788de19364cd3c870272f5391b129bfbf96ea85e

SHA512
a5c4f1f446794fee3b7b7f68e7c25e4e29da55e1369b69c0fa6519b9158bc0e7c642ead4ddbb84cadcb0ee9ef9f12e61c4da88f142fcad52736ba6daa8532544

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
66c2aa9f1c2dbbf8a36532094b390b6b

SHA1
061c5a840aea1a1d7370352a720a016a8f019f67

SHA256
ae080d8d6b9bf1b701c3f475b46cdccd486de300132447446192741b904cc308

SHA512
32be34ccfcc5c97b35d592a6bd695af00d21f5a64351c49f4ea6905cee3baf7210bc4471cafa5910c78941447c41f05b79d84e99451f701ba31e0fa56d15d5c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f84e0c8a3866babecb9a307f8c259932

SHA1
e4c620657b97c2ec5ac86025050fecb2a60c779d

SHA256
886929e73bf15dadad19f3b6cd391071b59d6662dee4dc5ea3e6fa00063a22c9

SHA512
a9ad2ebb8a01bea52a5f210ae9bb85542f3aa02b789a781ad25696383a8d19898716e92963e0e3033583d4870fd8eac9a60718001c5fc44562746dbc69de0199

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f9a038ed5274268867abe12352a0213a

SHA1
255373b4f949457991945dec1c346ee783477dcb

SHA256
20176ab1095330cb468a623dba1983318d954e01d23a688026e08470c30e7219

SHA512
c36a323c7e6d7f79183e2ac942503adfec14a81eec8ab963220dc9e4374600773698ccde134c04ce82df59834b105009178809562934a1ab383c9c30e2bd81cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8cf268ca4b4e7ffb5a2cb75327599ef5

SHA1
cee5862eb18fd82c6213fdc02e650da9d695ccf1

SHA256
d285971068b48b7bfd13c86836ebef232d1ff0bd9f4192c947aad0632b51c0ae

SHA512
f6aa1972b140766f2f33654db7626865036684462bf473bff1b4ca670ec96139bc55d18be7ac1aacdd8e12c37db48c9ed471073224f4518dd17d815945d79f1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
334317b8055f951a65f768c3b217510a

SHA1
2b94012b04ea6b773ac0823e5c1440089b7775fd

SHA256
2e5f7a804262000d4e37ebe011c65424dd587a7eea6431e4836054c8cb1217aa

SHA512
7c9fbf0726f6981c9880be56d59aaa9c0793e6f227e6976a3e5b24d22bd9b23f0adb98ecb38d0a1c9baf4f1974b7e8782a932613b5608184aa966a81750920b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582100.TMP

Filesize
1KB

MD5
dea46f9f53e03221d49869b2b66e4948

SHA1
3a543544dfc02d15af56508851a3f9fbae3c5674

SHA256
57bbd8a7403b074b9d316a842593bd8d836d525a90ce5dbc854cc859fb7e9e22

SHA512
5e32f98a63c5c1edbecf183111f861f1fdaf15a4e04f9c669b02bf95d9de3e15127294e6e9ae59f55914d2f70a46740d6774bafb5730df307e7d2fc591b20d99

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b6bb2ef3-5890-4680-b3db-5ca0b1d010de.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a9bacab5cd4588af0ba1fd92220079a2

SHA1
563f4c1f12e5c707d478f5fbcbad0eec6115a82a

SHA256
730c8c244fe894248febb6ce976f183e9dc0467c7eef9db4fe458da0dec7be58

SHA512
3ec4af872ad03bd97c2a5c1b24d90f403968f06a53cf90861b146ad81e10c72989a39735defc07f42e6271cd5f490ca25eb198393f0258cab86b5ceb9879c433

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
781b9b1b4ca7e7ba62c562cfaabf0602

SHA1
bd78e1c34d24b51510bcd9b64718ec144f6f6419

SHA256
c28a73015a58cd643c58a9709b2b336d63002f05fe795710cb4e000c911c64fd

SHA512
6109c6872d742cb0284018a2359d59e1b8e74696f05bd590d2eb6b09fc3d0e2e354235b6e7dcfc3c0f26fb9640cf20be7c31cfdb9d15e45dd57527cb062e6fe3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
86df6241f093beb6ad16f54d1cf09bdc

SHA1
3977901e843e74116509fe4c077ebf73679509d2

SHA256
8bddcc061e9059c4b44f9c28c77739d86109bd9d322768349c7d66fe2291b5a7

SHA512
4db06ccf25a41a9e8158a07c47804428a479ad9184fc213038cab09c7c63d665c70abd520fe5853f03e3e228f95cfa3f85e7e15d5e1b5de91714dfe5dc3c1bda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
fbcb8e1ad4311a2054c8f11e3828467a

SHA1
f33ca6ea208f629cd825cd3a70c4d7f4e59759ab

SHA256
8ad68ee923a1ed40eeffd5ea946f925d4b7eef6ccce5119ccad903d88e1c6ccc

SHA512
8b2ae3b46787bcc1d57b212039c38dff578e535fbfd977ebdc166953c77e08f1da8e2e5d64ff5b037e87151b6687e8cadb5d21222863888e2316ddeeee4caf54

Download Submit
memory/5032-1157-0x000001E096C90000-0x000001E096C91000-memory.dmp

Filesize
4KB

Download
memory/5032-1160-0x000001E096D30000-0x000001E096D31000-memory.dmp

Filesize
4KB

Download
memory/5032-1161-0x000001E096D30000-0x000001E096D31000-memory.dmp

Filesize
4KB

Download
memory/5032-1155-0x000001E096C90000-0x000001E096C91000-memory.dmp

Filesize
4KB

Download
memory/5032-1153-0x000001E096C10000-0x000001E096C11000-memory.dmp

Filesize
4KB

Download
memory/5032-1158-0x000001E096D30000-0x000001E096D31000-memory.dmp

Filesize
4KB

Download
memory/5032-1146-0x000001E08DFC0000-0x000001E08DFD0000-memory.dmp

Filesize
64KB

Download
memory/5032-1159-0x000001E096D30000-0x000001E096D31000-memory.dmp

Filesize
4KB

Download
memory/5032-1142-0x000001E08DF80000-0x000001E08DF90000-memory.dmp

Filesize
64KB

Download