Analysis

  • max time kernel
    101s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17-12-2024 19:37

General

  • Target

    https://file.io/eAiPQjs6JwmY

Malware Config

Extracted

Family

eaglerat

C2

127.0.0.1:8523

127.0.0.1:9875

Signatures

  • EagleRat

    An open source modular remote access trojan written in C#.

  • Eaglerat family
  • A potential corporate email address has been identified in the URL: =@L
  • Executes dropped EXE 3 IoCs
  • Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Program crash 3 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 41 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://file.io/eAiPQjs6JwmY
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:64
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffd5f9ecc40,0x7ffd5f9ecc4c,0x7ffd5f9ecc58
      2⤵
        PID:4940
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1904,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1900 /prefetch:2
        2⤵
          PID:2376
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2168 /prefetch:3
          2⤵
            PID:3100
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2232,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2396 /prefetch:8
            2⤵
              PID:2684
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3124,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3148 /prefetch:1
              2⤵
                PID:2808
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3188 /prefetch:1
                2⤵
                  PID:1816
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4596,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4608 /prefetch:8
                  2⤵
                    PID:4748
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=5020,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4668 /prefetch:1
                    2⤵
                      PID:2100
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5116,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4920 /prefetch:1
                      2⤵
                        PID:4524
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5136,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4804 /prefetch:1
                        2⤵
                          PID:3540
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5252,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5292 /prefetch:1
                          2⤵
                            PID:1092
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4944,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5092 /prefetch:1
                            2⤵
                              PID:4396
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5536,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5564 /prefetch:1
                              2⤵
                                PID:1072
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5720,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5740 /prefetch:1
                                2⤵
                                  PID:3920
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5676,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5700 /prefetch:1
                                  2⤵
                                    PID:2680
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5872,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6004 /prefetch:1
                                    2⤵
                                      PID:2476
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5240,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5168 /prefetch:1
                                      2⤵
                                        PID:5032
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6448,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6548 /prefetch:1
                                        2⤵
                                          PID:3008
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6468,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6572 /prefetch:1
                                          2⤵
                                            PID:2852
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6476,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6692 /prefetch:1
                                            2⤵
                                              PID:1640
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6580,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6816 /prefetch:1
                                              2⤵
                                                PID:2360
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6660,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6932 /prefetch:1
                                                2⤵
                                                  PID:704
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=7148,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7156 /prefetch:1
                                                  2⤵
                                                    PID:2252
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7288,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7328 /prefetch:8
                                                    2⤵
                                                      PID:4896
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7304,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7436 /prefetch:8
                                                      2⤵
                                                        PID:3780
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7560,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7388 /prefetch:8
                                                        2⤵
                                                          PID:2352
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7664,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7652 /prefetch:8
                                                          2⤵
                                                            PID:4024
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=7760,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7924 /prefetch:8
                                                            2⤵
                                                              PID:4044
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=8144,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8184 /prefetch:1
                                                              2⤵
                                                                PID:4016
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=8316,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8324 /prefetch:1
                                                                2⤵
                                                                  PID:1472
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8468,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8488 /prefetch:1
                                                                  2⤵
                                                                    PID:596
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=8332,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8600 /prefetch:1
                                                                    2⤵
                                                                      PID:2756
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=8732,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8740 /prefetch:1
                                                                      2⤵
                                                                        PID:1132
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=8748,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8872 /prefetch:1
                                                                        2⤵
                                                                          PID:2716
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8880,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9004 /prefetch:1
                                                                          2⤵
                                                                            PID:3696
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=9124,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9028 /prefetch:1
                                                                            2⤵
                                                                              PID:4364
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=9148,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9256 /prefetch:1
                                                                              2⤵
                                                                                PID:2952
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=5548,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9280 /prefetch:1
                                                                                2⤵
                                                                                  PID:1980
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7424,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8156 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5480
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=9700,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9716 /prefetch:1
                                                                                    2⤵
                                                                                      PID:5488
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=9852,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9860 /prefetch:1
                                                                                      2⤵
                                                                                        PID:5496
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=9892,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9992 /prefetch:1
                                                                                        2⤵
                                                                                          PID:5504
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=10112,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10132 /prefetch:1
                                                                                          2⤵
                                                                                            PID:5512
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9400,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8728 /prefetch:1
                                                                                            2⤵
                                                                                              PID:4684
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=10576,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10592 /prefetch:1
                                                                                              2⤵
                                                                                                PID:1488
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9160,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9564 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:6156
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=10836,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10848 /prefetch:8
                                                                                                  2⤵
                                                                                                    PID:6216
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=10852,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10908 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:6228
                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=9848,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10896 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:6708
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=11280,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11320 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:7036
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=6360,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10732 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:7140
                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=11512,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11496 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:4948
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=11680,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11720 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:6412
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=11304,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11892 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:976
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=11864,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11624 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:6252
                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=11140,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9672 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:6632
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=11876,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8568 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:6320
                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11904,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11868 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:6332
                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=11912,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11924 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:6644
                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=11292,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8296 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:6404
                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=8504,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11764 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:6388
                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=11164,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11808 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:6364
                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=11136,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8676 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:6308
                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=11960,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11984 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:6428
                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=11976,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7816 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:6772
                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=11312,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7312 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:6376
                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=11712,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9304 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:6436
                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=11700,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9392 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:6572
                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=12020,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9136 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:6372
                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=4640,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8720 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:5224
                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=5712,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4632 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:4420
                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=9184,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9176 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:5192
                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=7964,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9260 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:4672
                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=9680,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=12068 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:6008
                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=9208,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11508 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:1776
                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=9236,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8100 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:6020
                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=8512,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11484 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:6032
                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=5592,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7752 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:6948
                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=7852,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9332 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:6924
                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=7312,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7912 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:4016
                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=8448,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10652 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:6380
                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=10664,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8036 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:6136
                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=8108,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5816 /prefetch:8
                                                                                                                                                                          2⤵
                                                                                                                                                                          • Modifies registry class
                                                                                                                                                                          PID:5392
                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=6296,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7936 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:6368
                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=11316,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10276 /prefetch:1
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:6588
                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=10692,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11124 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:220
                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=10648,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10644 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:6640
                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=10668,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7992 /prefetch:1
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:1716
                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=5144,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7616 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:3740
                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=9028,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=728 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:4740
                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=8296,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9128 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:5628
                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=7592,i,16741750564042127985,14253379483462290845,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9340 /prefetch:1
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:3260
                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                                                                                                                                                                          1⤵
                                                                                                                                                                                            PID:2192
                                                                                                                                                                                          • C:\Windows\system32\svchost.exe
                                                                                                                                                                                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                                                                                                                                                                            1⤵
                                                                                                                                                                                              PID:4664
                                                                                                                                                                                            • C:\Windows\System32\rundll32.exe
                                                                                                                                                                                              C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                              1⤵
                                                                                                                                                                                                PID:6628
                                                                                                                                                                                              • C:\Users\Admin\Downloads\virus.exe
                                                                                                                                                                                                "C:\Users\Admin\Downloads\virus.exe"
                                                                                                                                                                                                1⤵
                                                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                                                • System Location Discovery: System Language Discovery
                                                                                                                                                                                                PID:4392
                                                                                                                                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                  C:\Windows\SysWOW64\WerFault.exe -u -p 4392 -s 984
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                  • Program crash
                                                                                                                                                                                                  PID:5188
                                                                                                                                                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4392 -ip 4392
                                                                                                                                                                                                1⤵
                                                                                                                                                                                                  PID:976
                                                                                                                                                                                                • C:\Users\Admin\Downloads\virus.exe
                                                                                                                                                                                                  "C:\Users\Admin\Downloads\virus.exe"
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                                  • System Location Discovery: System Language Discovery
                                                                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                  PID:3920
                                                                                                                                                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                    C:\Windows\SysWOW64\WerFault.exe -u -p 3920 -s 1040
                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                    • Program crash
                                                                                                                                                                                                    PID:1696
                                                                                                                                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                  C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 3920 -ip 3920
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                    PID:776
                                                                                                                                                                                                  • C:\Windows\system32\taskmgr.exe
                                                                                                                                                                                                    "C:\Windows\system32\taskmgr.exe" /4
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                    • Checks SCSI registry key(s)
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of FindShellTrayWindow
                                                                                                                                                                                                    • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                    PID:2108
                                                                                                                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                                                                                                                    C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\ShowConfirm.cmd" "
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                    • NTFS ADS
                                                                                                                                                                                                    PID:7020
                                                                                                                                                                                                  • C:\Users\Admin\Downloads\virus.exe
                                                                                                                                                                                                    "C:\Users\Admin\Downloads\virus.exe"
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                    • System Location Discovery: System Language Discovery
                                                                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                    PID:1924
                                                                                                                                                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                      C:\Windows\SysWOW64\WerFault.exe -u -p 1924 -s 1036
                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                      • Program crash
                                                                                                                                                                                                      PID:6860
                                                                                                                                                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                    C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1924 -ip 1924
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                      PID:5864

                                                                                                                                                                                                    Network

                                                                                                                                                                                                    MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                    Downloads

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      649B

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      33KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      153KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      1024KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      20KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0ca4572f3dbd7a1a_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      254B

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\151d0846dc7a7f84_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      55KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\229ca002659213a7_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      28KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6ad1a5bef090b736_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      253B

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b1728ee6bb8d5047_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      549KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b4e5802bed96785c_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      291B

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b828986f817ab44b_0

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      158KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4e76d992ce193c3_0

    Filesize

    305B

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

    Filesize

    34KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

    Filesize

    2B

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

    Filesize

    3KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

    Filesize

    4KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

    Filesize

    4KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    11KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Filesize

    9KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      116KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      116KB

                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\virus.exe

                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                      64KB
