njrat | 32208b799047de8f44aeea18a62c8ee4518026141e300ede79494b972c325cc8

Analysis

max time kernel
899s
max time network
903s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
05-01-2025 08:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

avaydna.exe
Size

43KB
MD5

63f511fef91ec6145ef47f17947f6d74
SHA1

562dcc427d36d26c98279a53eefc7635f4950652
SHA256

32208b799047de8f44aeea18a62c8ee4518026141e300ede79494b972c325cc8
SHA512

5c0ffecaa517ed2a9be066b9ec5b594d3a22969af7280417c50107202db89eda4671f1014619f1ffdbc0818108d068695e572c99fd8a83579e79e6aa0ed3b3aa
SSDEEP

384:ZZyT5ctOnwtOyW6aEscONE3tvLE02L2IfzgIij+ZsNO3PlpJKkkjh/TzF7pWn61p:7QqAwt/W6ZscONE3RT2LruXQ/oN7+L

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

both-foundations.gl.at.ply.gg:60732

Mutex

Microsoft Edge Updater

Attributes

reg_key
Microsoft Edge Updater
splitter
|Hassan|

Signatures

Njrat family
njrat
njRAT/Bladabindi
Widely used RAT written in .NET.
trojan njrat

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	avaydna.exe

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133805408874707968"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3973800497-2716210218-310192997-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
1936	msedge.exe
1936	msedge.exe
1904	msedge.exe
1904	msedge.exe
696	identity_helper.exe
696	identity_helper.exe
2456	msedge.exe
2456	msedge.exe
3908	msedge.exe
3908	msedge.exe
3908	msedge.exe
3908	msedge.exe
1856	chrome.exe
1856	chrome.exe
6236	chrome.exe
6236	chrome.exe
6236	chrome.exe
6236	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3640	avaydna.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: 33	3640	avaydna.exe
Token: SeIncBasePriorityPrivilege	3640	avaydna.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeDebugPrivilege	5032	firefox.exe
Token: SeDebugPrivilege	5032	firefox.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: SeShutdownPrivilege	1856	chrome.exe
Token: SeCreatePagefilePrivilege	1856	chrome.exe
Token: 33	3640	avaydna.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1904	msedge.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe
1856	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe
5032	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3640 wrote to memory of 1904	3640	avaydna.exe	78
PID 3640 wrote to memory of 1904	3640	avaydna.exe	78
PID 1904 wrote to memory of 808	1904	msedge.exe	79
PID 1904 wrote to memory of 808	1904	msedge.exe	79
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 2792	1904	msedge.exe	80
PID 1904 wrote to memory of 1936	1904	msedge.exe	81
PID 1904 wrote to memory of 1936	1904	msedge.exe	81
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82
PID 1904 wrote to memory of 4780	1904	msedge.exe	82

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Users\Admin\AppData\Local\Temp\avaydna.exe
"C:\Users\Admin\AppData\Local\Temp\avaydna.exe"
1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:3640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://meatspin.com/
  2⤵
  - Enumerates system info in registry
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of WriteProcessMemory
  PID:1904
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa88043cb8,0x7ffa88043cc8,0x7ffa88043cd8
    3⤵
    PID:808
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1996 /prefetch:2
    3⤵
    PID:2792
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1936
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
    3⤵
    PID:4780
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1
    3⤵
    PID:1648
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1
    3⤵
    PID:4720
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1
    3⤵
    PID:4148
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
    3⤵
    PID:3208
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
    3⤵
    PID:2108
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
    3⤵
    PID:3980
- - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5680 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:696
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5688 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2456
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
    3⤵
    PID:2748
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1816 /prefetch:2
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:3908
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
    3⤵
    PID:1476
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1980,4933497717359863486,131694714309931840,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6096 /prefetch:8
    3⤵
    PID:4148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.meatspin.com/
  2⤵
  PID:1372
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa88043cb8,0x7ffa88043cc8,0x7ffa88043cd8
    3⤵
    PID:4328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.meatspin.com/
  2⤵
  PID:4924
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffa88043cb8,0x7ffa88043cc8,0x7ffa88043cd8
    3⤵
    PID:4600

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1412

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:768

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa881acc40,0x7ffa881acc4c,0x7ffa881acc58
  2⤵
  PID:2160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1816,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1820 /prefetch:2
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2108,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2116 /prefetch:3
  2⤵
  PID:1616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2160,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2188 /prefetch:8
  2⤵
  PID:3088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3084,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3184,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3380 /prefetch:1
  2⤵
  PID:576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4352,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4340 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4832,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4380,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4640 /prefetch:8
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4604,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3676,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4232 /prefetch:8
  2⤵
  PID:5932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4312,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4504 /prefetch:8
  2⤵
  PID:5192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4608,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4568 /prefetch:8
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4216,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4572 /prefetch:8
  2⤵
  PID:6360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5064,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5080 /prefetch:2
  2⤵
  PID:6316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5304,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:6528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5296,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5092,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4848,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4600 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=4356,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:6752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5364,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5388 /prefetch:1
  2⤵
  PID:6804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5508,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:6856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=2696,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5596 /prefetch:8
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=5800,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5720,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5776 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=5816,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:1816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=5704,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5752 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6448,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:6476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=3256,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6748,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:4404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=6656,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6648,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6692 /prefetch:1
  2⤵
  PID:6968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=6680,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7080 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=6912,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7244 /prefetch:1
  2⤵
  PID:7116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7384,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7376 /prefetch:1
  2⤵
  PID:6412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7392,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7552 /prefetch:1
  2⤵
  PID:1540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7680,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7696 /prefetch:1
  2⤵
  PID:3932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7252,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7720 /prefetch:1
  2⤵
  PID:6348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7916,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6856 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8072,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8112 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6024,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7968 /prefetch:1
  2⤵
  PID:6908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=7660,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:6764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7600,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7584 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=4756,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:6608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7412,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6664 /prefetch:1
  2⤵
  PID:6824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6972,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6600 /prefetch:1
  2⤵
  PID:1288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=6384,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5732 /prefetch:1
  2⤵
  PID:7052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=6364,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6408 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=6848,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7848 /prefetch:1
  2⤵
  PID:6952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=7488,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8240 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=6564,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7176 /prefetch:1
  2⤵
  PID:344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=7372,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7908 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=6140,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6092 /prefetch:1
  2⤵
  PID:6696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8000,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7432 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7456,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7420 /prefetch:1
  2⤵
  PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=8340,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8280 /prefetch:1
  2⤵
  PID:6776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=7408,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2700 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=6524,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6336 /prefetch:1
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=5732,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7692 /prefetch:1
  2⤵
  PID:6228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=6292,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8152 /prefetch:1
  2⤵
  PID:6984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=8272,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6336 /prefetch:1
  2⤵
  PID:6952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=6476,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6836 /prefetch:1
  2⤵
  PID:6424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=6820,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:6848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8304,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8176 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=8292,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8252 /prefetch:1
  2⤵
  PID:6124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=7744,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8300 /prefetch:1
  2⤵
  PID:6364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=4812,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7092 /prefetch:1
  2⤵
  PID:6160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=6180,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:6508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=7076,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7936 /prefetch:1
  2⤵
  PID:6172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=6796,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6412 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=6500,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6472 /prefetch:1
  2⤵
  PID:7120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=7188,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7848 /prefetch:1
  2⤵
  PID:2324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=6496,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6552 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=6540,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6688 /prefetch:1
  2⤵
  PID:3348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=7404,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6528 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=4960,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:6456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=4476,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1424 /prefetch:1
  2⤵
  PID:3824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=8284,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7116 /prefetch:1
  2⤵
  PID:3208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=7424,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6200 /prefetch:1
  2⤵
  PID:6852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=4944,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=6808,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7360 /prefetch:1
  2⤵
  PID:6904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=4976,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6320 /prefetch:1
  2⤵
  PID:2608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=4892,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8068 /prefetch:1
  2⤵
  PID:6796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=7944,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7656 /prefetch:1
  2⤵
  PID:6156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=6872,i,6357542035862025385,120619570586138646,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4640 /prefetch:1
  2⤵
  PID:3328

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3576

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:4292
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SetWindowsHookEx
  PID:5032
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1956 -parentBuildID 20240401114208 -prefsHandle 1860 -prefMapHandle 1852 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {a07ea8be-87d4-4be2-a923-a8cd1f68236b} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" gpu
    3⤵
    PID:2636
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2376 -parentBuildID 20240401114208 -prefsHandle 2368 -prefMapHandle 2356 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {06120718-0a85-479c-9cbe-85f717d3e56d} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" socket
    3⤵
    PID:3004
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2688 -childID 1 -isForBrowser -prefsHandle 3076 -prefMapHandle 3032 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8d112ed4-5241-4a8c-b478-ff9fa259b3ef} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5316
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3844 -childID 2 -isForBrowser -prefsHandle 3836 -prefMapHandle 3832 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e79ce865-b9ea-4021-b820-273b65df94e2} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5548
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4280 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4268 -prefMapHandle 4264 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {770bc0c3-eace-448e-87e0-5d9940c26733} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" utility
    3⤵
    - Checks processor information in registry
    PID:5720
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5444 -childID 3 -isForBrowser -prefsHandle 5460 -prefMapHandle 5400 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e3ec322-1c9a-43a2-8142-51014c6a4d1a} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5252
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5656 -childID 4 -isForBrowser -prefsHandle 5736 -prefMapHandle 5732 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9e008c05-6c46-493d-b95e-a745f2b9e006} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5268
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5884 -childID 5 -isForBrowser -prefsHandle 5828 -prefMapHandle 5824 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a42849fc-742a-4dfe-b13a-57211d11c142} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5280
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6168 -childID 6 -isForBrowser -prefsHandle 6164 -prefMapHandle 5232 -prefsLen 27257 -prefMapSize 244658 -jsInitHandle 1124 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {aefc9714-8468-48f0-aa84-b90b1c5d0db6} 5032 "\\.\pipe\gecko-crash-server-pipe.5032" tab
    3⤵
    PID:5828

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:6088

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004C0 0x00000000000004DC
1⤵
PID:3700

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:4384

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

Filesize
64KB

MD5
b5ad5caaaee00cb8cf445427975ae66c

SHA1
dcde6527290a326e048f9c3a85280d3fa71e1e22

SHA256
b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8

SHA512
92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

Filesize
1008B

MD5
d222b77a61527f2c177b0869e7babc24

SHA1
3f23acb984307a4aeba41ebbb70439c97ad1f268

SHA256
80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747

SHA512
d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
e232317369fc96c9aaca4ae8e9bf9bfd

SHA1
cd74f718b87860b51ad5f986e327491d0cd6799d

SHA256
b8200dc39634a3e090db77cea671fdd45288e219446f8c5ae9bc368bfde53fe3

SHA512
42b1711f9145a12a3b8f790a818b177515f9c5d88b558470c9f6ddf836debbb5753f76f0dc629e65570f068f2896887cfa7f89026b814e14631ec36fd31c5ef6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
1024KB

MD5
a34c1a653187433f30d929655b3406d9

SHA1
de227af857f42439466ae43b6025cc2934099cf2

SHA256
fb1dfd507bb475bbced839c268ae853cdb88e32fb9058ed6845df20ae223e9ad

SHA512
058348ce7011ce221a288867d3074570afdbef60d21d5263ad16e69f7e92606f93e0669f9093d0d5179462865bbe242e1d7c6cbc99b3bd1a688ddd6d29003478

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
69KB

MD5
931ee56f6e31248bc63f26dcda5a7582

SHA1
8832dce505783e95eb6f8780a5db886b5c56ad80

SHA256
4a80253edd096fd528d77e13ff2e5cbb11e672ad8bbd685c1182cc2b77379b9f

SHA512
7a5d3fd86b21ab027f7095c169d2271a8b32aa1fe7bf016579833a1d88d3a280f155567914db10cbc4c9cfc77062af1afa7868186371bbabfb2014226823077c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

Filesize
1024KB

MD5
fb0db2e60664d096dda49a34a7fbcf07

SHA1
f5b1a4dce61fd733a6b20076f562744a09e8238a

SHA256
0e9c6095bfc61b1c5f42c08f7dc695d8a3c9cdf35810b4508e2a292f5a4c7420

SHA512
118858271ab307732b320d743b58af1b4ec80b3e1f3865d3d81f0e421baba28d6d13dc4cc8c36552b99a514f5e8483e1e2b81158ad459dd096c956da477ec711

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
1024KB

MD5
278f557c226f0a23b40ef17b0e2726ce

SHA1
90b523170af5b61bb547c26731f11558c50d19fc

SHA256
d5024fd6c1b2fef71ad405ae1c4d9d2e8185cb195cbdc832660488ffd2442b4f

SHA512
457449c940b5c60219dc1954cf9f4df056de0f980db1f99a438c099bccd81ceafdfebb7ef512c089d17a1b889de4cd248cb161debdb57cf7e55f68deba66221b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
1024KB

MD5
72ffc27b9b891cd29aed07b992e2b811

SHA1
00733fa9fcbd82b96bde2e53541432d4b04ea5e6

SHA256
cd53f2df4c5ef8761518710f4c3834513d2e60bebc010c256c9caf1293f9f5e9

SHA512
006505fb002fa0f7686c4e8bcfaa0e03855fb7c4504264562706f54e1f5332a5fc5bc9f4ebf0b8429fdd7d82cda54fda0573cbd589751490a9f245feb399092b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

Filesize
37KB

MD5
2a36ec50335b20a74fbaeb399ce6aab2

SHA1
487158633d0b508116f53e826a0b026c2cf51ee7

SHA256
68c30760f68d6813deb45f981ae23eb893c43a02957413e698fe3c8ee2368fcc

SHA512
96f355eeaac486787c1f466b451c5088f2b04e51ac47c31c623a75d42fdb2d1ae8474b27acca15ec7e0a2b6401c46d5740c0412d2b472d536f1e7b675118da1b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
18KB

MD5
a5743061b30521cb71f8df097bd805a8

SHA1
85858d1676682f2290d53b8283f50a353bd39bdf

SHA256
d67fcb05f836a58ce2a52d0d3159e408ca4bdb657bd8b60d188eecc1e75d21b7

SHA512
1e461853e780983ada397305e512fada42cfb6a465268d70a9af0da237ba7905accddab02ee7516aeb6c726d13c6d141f9fec88064cce833f13f94dabf020951

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063

Filesize
19KB

MD5
d62f3effa9bfc31e5118064780978372

SHA1
440dca5461d56478e4393b1010c8adb5ee9ed17e

SHA256
14f8e4437b6e5f773eae3774cf0cd462d41f62d8f0f7c9ad5c4138745fc253a5

SHA512
3ccc2e48423de5c76f8403b9c4f6ae7e15c29fe1bf702518c77889a9c9cd21e0d6f3702b60bc25e9c1878929a37c125835839f6d9b587933fe1a7388b7db9fe4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b3

Filesize
19KB

MD5
d9809c677f62db5277b81d5f91dd5936

SHA1
21a24a35be27dbc80fcc34d8f4d42fc4d1a5d0ee

SHA256
63a04ee37bf491e2cb879f68d04ecdad9dd2e025f7e32a417ff787c1d70f1870

SHA512
9392ff7ae277301614af6865528172347e86f7afc135e4fba40956dde56232f48e7c1be8d9c8f86db4c11eedcfbe4a510a5ff2671eedfcdc52a83af6912b562b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b9c9b6b0146fd6e_0

Filesize
243B

MD5
ba062f92b297180552e2d5f1450753d1

SHA1
ce357b0a18490edbd4dbc35b07704a6bf91d27e6

SHA256
06cb4673935934f2f156f2fa122bd0d6945aea23860677247cf775a32c62c36d

SHA512
aec33cfdefb28adfcf89772b93cc28078b5dd52692a1c721ffb35d43ff8f186f807dcd145893f019231b15c7ef1bebb7990d39393d7c3be6fb3bba5518b545a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
624B

MD5
88a2f0282966662137242fa30093142e

SHA1
124714b69b5857a332958b5d2ce7237751fda2f4

SHA256
0ab5f64c3959afa494bb72706e91848f163875cdc9cb8ec6513a1ecd5069532d

SHA512
d219861228697b965c3b64e69d0e9144026954a60bd7d557889a8cbd072a0a3ba2c28fbaf88aa635a44c7ae7e01faa495230dc4d611dc38720baca814ba541a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
cc76ddb18d3b5ee4f69cab1731effadc

SHA1
346b1b0447ca9e7c3281fc002207424671432d33

SHA256
0af91531383d186b5dcb118ec1c3acbd55a98fb4e307646e7c384568d1bcb405

SHA512
22b0e05d3a0c492006a876eb4dd5e12693931e10e67acae6a584662dfa9d21335fa10a54e5fc9f3268796fdceaee7b8d3ecd303cb4604130bf360b3f22844b02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
21b66060c92e1780e9c3ead1d300fe9b

SHA1
a6281794bbc5c98710bcb2dea8d8e6919ea1de5a

SHA256
1053e1452224bcc97d039fe05be350104472b93a7d3392f375133b73d43088ec

SHA512
70e9422446b1d5a742be079df0fa10d16e0c59e0921d51d4ee3b0cc568505f254de8aac88b596ac54a917164f94eb59f4e52ed98ed6e2871466b500941c57206

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
1b4ecf001678b4b28613ca036183af5d

SHA1
f8ef2cc941465e7872c9d586998d017d2528b68f

SHA256
1a891c49c8da8d711e9ac07334a23eaff07d1749548ea7c8626d17fa3d71b3ba

SHA512
914f802acab6cd7b8a0592e0457411f427ae47f1378fa58f57e9c1887a29102563c14221704fa851055be8ce8db7034c43fb543a12402b58cbd8c3d6194beccd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a18d086200187d9468c7c7a2fae8a0ab

SHA1
1598afe663ce8d5666b81b43dc888ee784996da0

SHA256
02a01938f66c07899fbb7b11143f8f2eb3af98c952010bd49421ba781b930b21

SHA512
195222a9e1372d9215be13159feb0f5d00d4286448c8e330867480dcd501078608c0ab8cfe0a1c6ca0df3da56d0daf1e74789e28db17b6e63178d366808c446d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
bb6da69a3ec98265d85cd3d3b758bca0

SHA1
32495806b8cbbbda8c124dba0b96f2a71380e7d9

SHA256
651bce6a75bf7a9524dd894d65b85a9e8af135ecf403cffa2ddf28cb1d49f6cc

SHA512
250ba3241e593864a7cf35571785a5cfab62d32dae69b29350cde0e96f1a726ac5c47ea18ffeadf94310214a9be97ba8ab6ab0584927ec72f2a10c19c94208a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json

Filesize
851B

MD5
07ffbe5f24ca348723ff8c6c488abfb8

SHA1
6dc2851e39b2ee38f88cf5c35a90171dbea5b690

SHA256
6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

SHA512
7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
d459b9afc0a56c2adde1f2356ef3d937

SHA1
29153f1b22f972d251074370514fc99480312809

SHA256
16e14ad649b469dc498874be52fb5f57cc6611f8390dbc8bab8ea6d76a120ba1

SHA512
7d66c4d763bc98c91eaef7a7808b48ac5b1e17673dce2f94dbf68455fc69d450c5fb31b3857f511cfe3f9a13635fb6ead54511ba829a7d4c46b82ab8ddcd124d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
6KB

MD5
a309ab1f15e52558ed213b8928bfd0e8

SHA1
c3ca402cdb6579838450bd12f893e2ca3b38bb44

SHA256
4893e395fd16c4aea6271096e345a76f407f37de16fc9d58cac534f1d95c2203

SHA512
353ca9519fd7fb39c49d6170dd90f17558b58a73745ee3e1b8623e847786d65cb2be54e36b527c546d22d6fe85f48adb86e7bd3f579f170542a91025fd810869

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
0326451c9478de0dc686148b3e5c3bc7

SHA1
3181c4e157163e71f19f6f0600a6a3c14a3523d2

SHA256
1e08783c5d03cd716a34bbfa9c3dd66aa17ae0659d77629eab58d4307a96a77a

SHA512
c9832e8dc4a6dd0fb23d270db40d1b08e6fa70a882779c1996fbdb32c786359a0e04969d08878edab99224f2a5744298423fa8c6ccda3fffd97634fb3ad8a7b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
8398a1c18f26493519b03820bf72065f

SHA1
9fe5b35aae1cfa35b87817a611ef2c56d24b639d

SHA256
c04683fbafc1313136eb677dbcc53a8a5853316bb7a6a5cd1021dd76752ffc69

SHA512
ea56ad20c472726cbd6f31fbba044cec3aa7c1c273eed83e46a02ddfa5aaad8cd4b4fb08932af416035191805ee51a5f353b41da2034d78938c224df869317bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
0d6a336b44d1f64b2d0739ce026a8096

SHA1
dbad536dff692f2cc303314fdb60db4e3f855187

SHA256
e4758b3fd8da0caf66e9d96b032e2c3a66ed4a7d825956461b6cd6fa245f6fff

SHA512
071ceefc4a0858d0afcb5cd7b282f278cc5fa85984a4c2e147f473347d9ea5dbed43cf574c3088c0fe256c0970a235cccab19831f5635e57468f3477aa17c0e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
fda9ed00e30a94230c9fbdb8de0f6920

SHA1
e219ed099faf2a2c4d00f042e0929f41f4a264cd

SHA256
0175d963a0e499e0bbc7b5ef22ede7b798a91d985ba57556d0302e577666be60

SHA512
0e7508f308bc2b81b5974865c3da21b26512ef058a9d9b69c1c2b4bab8dbf8735804eba784062b3df9342caaf1cd5a70ae73aa3b5375abfa02b8b608be687341

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
75ec94ba3772ee6cc8cffd44f8a36258

SHA1
ef9cb8ce6efda857457293ee10ecd488a60c3b9d

SHA256
7704de6310237ef1096e9cba0868d6f7da6854d034c462dab90ab806270d910d

SHA512
54cbf7fe69e04f3fc9ff21eae860e9f26ed19680222cce8c63523b7f76d3c590179837a4ad08122c12b41fbf75c52a730aa5588e48376f4d0e647a88727d2d88

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
858B

MD5
9132ab0f189b048a5b7141f6e6c2fa79

SHA1
32da0fc0f81d18b13e0a03c0e8cb2f29c88507ed

SHA256
48798fe0e9c5a00f924d21ea4d0a4281680a62fff5666711a7f2fa4f38f7d287

SHA512
f76a3eaf14767f3d0c9571ad8063aa47e5cfd7097dd10f8c0ea515ce50276ad9ec1880073248b440dd7d3b4b0199234e2f4e82f4625e2e39be7abacad6b5cb67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
ac1acb4de29edde4f0efd4f21b0f6e50

SHA1
898650820f51473cbad6760df27e22ba51ea548b

SHA256
a8225c05ab412842922f8016bd74c0a182cd0bcba4103766dc6caa3bdcb684ed

SHA512
90c538f0b6aaa144fae5d197362b472ca8d199ac049a24800875be5eabd612df68b91f4ff0e1c6d0e13508f619d24bd5a6d86a1ee8864a4217c061ca61f97ec1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
43049f9b6574a89325ef29370135199b

SHA1
b7da771228f3efef801b4dbf476c0855f9d861f6

SHA256
373858976fc4502629a453d9f9e997386058e9c3228ee6d3e826f4feba7cc70d

SHA512
ef7259a4fc7794540cd818fefd5395a2877ed4408791b64a85c38f66c20cc46c0516badc4145f82d3f5d42063ba6c2fbc269efd8b1eb5f6e7c0c65f0bc41f2d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
84de03ba7ad7de403f8edf3ba6f111ff

SHA1
38eb070f990a05096e0bd76e8d654bee7145ed2c

SHA256
66d56e83c96cacc8ba339268632dd3b23898addb0db2b44fa1ecc4100840faa3

SHA512
2363c2f4354fac26336c8781d2461521e7336df4fbcb7b072104d67fc9397ae182ead017a87a9a02fc41f998a5ced8b8a7d9a9db33cc392431f84a3d3886d55f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a62e0c17650bd7c0e5b077d8035eadd4

SHA1
12bf4e966e63cf5c79c2fea8a452635e6814cf31

SHA256
e367beadae5d8ba8a9f2a446e1228e0a78d3a87bd740c260ea00e8fb955b7cef

SHA512
2d408af897540fe5da0479aec8b902d951fc12baa89a822bc8d17f31d609fbe5a70331645d7e65608067fbb2c37a3abd1efe1a0b5e983b681925e0fac2c3f609

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
654d979b9d24677ce4cbe35b44886bc7

SHA1
e1b61023611959d0465ab897944f22531b1cb3ef

SHA256
6d00d5975770de43c338f208cac4e791f8b25dac311c971d7140426b39178bc9

SHA512
fa58945e0b332c3aa893a3868361694394eb6a55d51578be14aaa15225342b2cee63e46eecf72803ded9bfc7c2c19c8f1b7bc1cd55eec1cc2efbb66151a27dd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3a3075d25bb660c9c9882aa0508dda08

SHA1
b5272d71fcd9e82a0b47d7ab7aab32aa1f0d4296

SHA256
ce65cfdd2ccb6e8cad86bb02866a41692235e417704d0ae8e3647811ac01db92

SHA512
35d98f516be2390a3409e488c7ff65bca70c352e3499befca4eaa62c0d9ff74b1e118e3f4fc15f08a75ed2ab11da2a4a73cb6e07136fd2f91176a24bfc46075f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4bc45f6dbad467ffbb1b99864f61bd19

SHA1
2b34cec98bc05a76a1beb6d817fc0180621599b5

SHA256
f678f15846ff2fb7baedfc5be022d5357545f775f51ade9e59d7acd82c0fadeb

SHA512
7f3091e37bdc2eac9eecf9277dfba4b019834e8b8e15c86d0802ed2ae24514c711e45393d3cfee34b11ab4a2343ae4938979b22aeabe818f39e90400b82aebf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
e7b357752356c9c82766eced39f00d86

SHA1
b8fed7fa15840eaad053965390614a5b05bf15cc

SHA256
e5533e75d9ee753669e3845fa50894bede31958fd18861a54104d2ccf493f468

SHA512
892a4c4a131bac90daf9f74b905110ba182948d06a8cc5fa0274a3055e6b36e5629fdd0d555f04fb4f5d82861050e4d948c02f26b5e3f15a8385702da14a88c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cf80b8fb9e972ea66de59843fba93b66

SHA1
dbd3a36aabb32266b652e3731677496d3c2abc04

SHA256
7dfca27bb56a42bdd4c1ecd8f1d285d789b41ac2ec189ce512fb224aedfb58a1

SHA512
7c03244a597c8a8638e922746ad1d66ada907a97f69f0ec09034666446637df4be7e5b415e563f87d182a44c6c52aa2dab8ee52af75133039fa6a525d9d190ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
682c3d8e97802b6d142b15b0181926d0

SHA1
0b8e668acd822fb0f3777020a8e2dac9d9d2f72d

SHA256
bce5b9110e925e6f23c2aa1292d68c4cc4ac41702c3d771593370ac362679da5

SHA512
98592bb100934f8fd01b51c5a0e693b55e26ad60eeae82dda7c41e0ced23d4ac68d70c50a0ba99d9e437f8b8b215edb25692940e28cc8b52fa31252eee2a5534

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a6e6a706178efb281a729e59d2e7495c

SHA1
5a5a4b501d97b27c22518a821a566b850058afc6

SHA256
3d634d7a9ae9f64f084a1883349be0515cca9ceba98da497a9b3d579ca570252

SHA512
bae3aa6eb0f1455624232dbfc4c721a3d4fec73a43cff717c923943fd031eba880e27878943b77d4351c1cd4ad5f109d9b4e928ce8a86ae230a4a4d75d1ff6da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3a5c8db039d8cd0de882df87a4baff62

SHA1
b8dd9e09b7b649418dc0fe34cf721b042009de6d

SHA256
d2a225369dfa165522a03ba4fc9848a622f72a90f1af68ce4247bd289f634c50

SHA512
898c354c62ef7a6d9001a1271c588a3df56a2c3a19287c7f9d1e74ce05f6521564c7b54ef9291309b06885c1e65f25acb5c8d3ad99154cc2fe205dfa87236883

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
22c588810ff5b5f7316662764be36aa7

SHA1
e9dea7cd85a5c7fe192040b9384119edd93bb21c

SHA256
b03740879ebcadf322e16e4de3cbc807abce5f64c52afef6f9dc6f9b1bc25d2a

SHA512
20fd52b484979c266dbda726c5a912c123344adc45e04105af49eb3b0264151003e099ba98b438bbb46c2ffef5dbfaff70cd13a9c23581b0d2acdda282df16b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
185622e7e5c5383f99996744ca260d25

SHA1
ac34cc4cf3f348eb02b1d6bfa04ce000e162f96f

SHA256
83b0d9e646ef04f480eef626de5695f91701a2963d29bc5c6023cb79a1a264f2

SHA512
7badeda245d8b87364af8e1b9e1b444adf2010d832ef63fc94eb40ec8f47411c969c1a0d6cc9af0cee1d99c2f552e51e08905a413f8d401c87a5a56e92c095b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
502623ee6c529e2f72dfea0b055d80ce

SHA1
7d2bc035e17026255c3b02df2917ceb55abe0a4e

SHA256
b8b6c3789190f6956d5b667b76b41a3e1b6ea59f5d9495f2c8f1a89724b89924

SHA512
e4633400064e2af2c2f15aaaa84a213ca2bfe28b376efb0a3dd0dca8b9f65a301eec26ef9d83ed0b077bb80010643a51d1e3d6c8149b1459f5a52affe7ced38a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
733961d390ef933df9207af2868f9b89

SHA1
33c2590b74b837eaaa84995436d9cfd03c5a1c1d

SHA256
71b02f7b25cc38a4ce16dfc5653542029c38b3fa42d651d8c95a7ad3fc9efe8f

SHA512
06aa2901e5e159259e50c69d2e2c388be697b8981197dc68d7643ff0feabb26b835fef9e4fe12870f04fe541b856329171f6c6283ca7a3495dfe10f4b1747040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
22208b91cb472c47f3e427251d9d8682

SHA1
a596c242720ab35a35b1661d501aea737110b490

SHA256
cc0995d795a3e69fbfec0c6538bfafbe9955fb4d8374f619ff4188af72141652

SHA512
ceff34437d391b636794b8acaf2e35c887732677d3bb00899caa356940a02040cc2fc18496101334d3e5583f275638a065e38d442f1796001213b42377803298

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
2c4bc6952c2aa5c863eb9de833d212b9

SHA1
2081cbe5b3ffea1c4cff00d311a55f3cd9c63f2e

SHA256
62d9b9a8f52fe6492f0fcbc07820900bfa42712bcce5e14682e642cb3421fd8a

SHA512
64ccecbca31011e821b47c11b39e40e18c915148c460cc142b7711638cd3c223798603deb4b8e853c3274c1ef086c0281e485c8e29c83b2e38ad5e1cb4d8b5ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
79e5800c245473bed88b74d7856b6231

SHA1
460a33a8ad45e3652c2a7f5f590a2aa2c741dfa6

SHA256
f95a19580fcf7a88fc20865b484e873ee029b8bb6eec8cc243e26f9e0274d20c

SHA512
fd920d91cfed9a7f11e9ef36d628cb366aa8aad5a8d8f2d8862b94dbb72dc54e194d3d0294306b4896ba984e88b361d156e726081c6c1ff568e66fa1cae3b35a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
43911e044cc2f28df4fd0b3b0f823f06

SHA1
f331e113cbf5218f578a334274440c4be0167b02

SHA256
327432ccfff63a0a81916f03b357d27a8ee937feda9251a13c953b5a0e23c763

SHA512
3a8aaf909761328d7c335b155afbd48baea7d5fbebacb2dd21d96e88e039bc0ce4468f0dd54377b8a58f3eea312fbc2ebe6eeb731b7df808726eb43743063999

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
0db97e208c0c3b7741352a4004bf55c6

SHA1
e8b0b9eb5c576c0e24c21033392239a2190c6b1e

SHA256
a9caebcd7cc007f8c07064e70b3c5c80a0954a4b3ed1969122f798729fa535f7

SHA512
390f8e7f1e9bdd9a429541788407eba80900919982945468262c9b397ea14626052cbfa682dc19c01cea37e507ca5fe0cfc9daf71d9688d15734e63417f238ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b3a1703cfb57f1e399e711bd74b83a3b

SHA1
eeffb6c0b7e7b502449a90fdac1614c45751d4c5

SHA256
ced9fb2b4301f9b4bf177da0419d8d225feda0f85bedffd65a391d39e5870b44

SHA512
bd32b1fedbccff8373c0bff59be366ba7a4dd87238262fd337549dc0de83dd628434f6674d49faeb1d1c1e33f1b07a88ac8f7a8d870934604b18f55a7e38d7f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ef44e6554f99099652666b6a1f78ca51

SHA1
4ccdde36de224195f7f75f239d35e3c4973c89da

SHA256
ad3e10bffc62fcf9140065e91494bbe0f1de7fa8766806fb4e5041ee2607c1c5

SHA512
3a9b11f8bb0322afb4aa2a5be570cb44c4e860a83aa1eb90710ea5ce1b7cce9743e0ae9b7415dcb8d3fea034bc564faa6a77feb95d69c86dbdba9092541ee2c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
630e039b0962548803bfc9cc22ed9d3c

SHA1
cde0e855a5fffa0a4a8a7fd7f3a12fcd85f513a1

SHA256
43b159a874b5b8f3347557a9cd03bd26b7990478560364eaaf63fd649eda63c2

SHA512
22c1ca22001dca88b278b40bf17209b9017f2c6aec65b6f54b8732073b0e7ed15b2509e36c31acb9676d43648520bfe93273d17888e83b118bfea2000c850cc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
df5a7ed983e8c76abbf645acb976d68a

SHA1
327a59a4b7ebbbdc53477a409c84e299ce300d3f

SHA256
f4383aefdcfb6d5b736e22569319d6d3b3d06c4abbb455a6f35a19211742b099

SHA512
5ae2360e44992dd3aa06c56caf7541633263c623d956a84c46f51b7f086ec7f8d4319ef65d60c89058e3697176a4ff5bd66ae2dc298bb623e275718f0e002c3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
800732e469ec4699ab48f5bd724c3fd5

SHA1
71c7f417990939b5b79b77cd97c9a68ccb6cea57

SHA256
584fb98fe8373e8314f6c6828ee8b0130a74e1b9fcc0f774774127e79cb639cd

SHA512
b024c1c0e2ce425763f1058d022247d750e567697d61ad25d4f6546dc4ff5b8508e02ca98f0376a5bc030ece8ff7aee58f252f8ae8377c4a4e279b3d4f1b7bd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cd980a28cde65ea7613729a91adaef9e

SHA1
d2dd59908a04d24e1b02cac3d5b98bab6a15cff4

SHA256
c19121cc08ea2642d3547651b8c4102b9c60b5007a6b389ca3ff6de26d083ade

SHA512
f459c24ad911a3f474873439a8f2ef196dd363a36be46626cac561d229ac24f281b9631cd14bfe377f65d22a8cee8ad6bf41ecb7c1a2866566c5f8af6642d435

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
deae0ce15f489afbfec77a2a92602fe1

SHA1
b1f3ae436130321dde3bb29b7d7b6ac4a55b3eac

SHA256
1aa3ac57200732c3a2c6c7e32a90898ca2c749f04e30d45ed42011a467cad587

SHA512
365cb6d949eef70cb39a469dbd8508b419633b49325ca195fdfc105960f47d9a7010bb1b58cf5dde5c740d7d0f8f5095f1b4f249587fc328d9830d82c2c43055

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8aee43ec3ebc91ab7071a87c27933c25

SHA1
b9217ba009fcd2f33dbe63a224da6c65c0e3e1a1

SHA256
11b340715b7362601ebd4067a21cfbebcf138d2ca6a4d55b4009877780aa05c0

SHA512
392ba0522a30eb7c2180a9a403b240d9ee75b4e1de4c2890a03f44a0a624ad7075413aef5708e9cab1f3fac9ec3dd2bb65946203695865dfccd23b3daf24a977

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
791fe3cc58608a12ee6159736a6d7411

SHA1
dfec78fa21ca7a20d38b04f68fc2ff64fe7efff4

SHA256
b91cd9223594343629ca9377b0edb66dc53607be36c7ef9c9fbf5396a5ef6334

SHA512
50d1306cf32b9f396c8a0bee7d67e3d4f3e83b83766b41df1c359936d1846098ee4e23a1495390eed981babbd69032ccf4f2f59948ebc10d53fd5112a6c34087

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8eb582b34cf92ee7b42a14b03974228b

SHA1
940e0ecff49ba234797315fbe3d86f377b982e81

SHA256
2c81e05c796e74c496754f720c1d12b43ed39073691b6f56c67f2d434a12c2bb

SHA512
13b7dddca87b47c9c21c2b5ab31590d6e3a12889110f20348d84946cd8fb222b9f4965ca4a6dcd62d84c9a48b2e9a432e378de1f278a39ba466682cc51289122

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
60e643d34ea3ea458a281776bf4639f6

SHA1
25f2d83602ea67923389533413e587b3a8e6ec28

SHA256
e3c7c666585773fdf1eed1621c8925db969745821bf9288c5565c3d68583bdff

SHA512
015e7b210153bd7fd17f6a6cab45647b90ec595b5cfd6ce227545dfde267acc6408ef8922697592b513946ccf46a219c573074d19845bbef53df84bee00f0e76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d0aa0fead424e4a4e723db4fb81f6fc1

SHA1
3c8e953a73ab903baab2c74e7568621861b91642

SHA256
af1f5c5712827e378ee78ba3ec05c9783cae4f9f3a1ee705e24ed1313491d750

SHA512
ce191679007dbc1a080e09db5879da1fb9db1400119433f92be193c57caa7fc448317d3f6ba6c84d729d92fc94761b0bae13bf50ff85aaa9c40b0c7e8b835285

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
02da94a1b11d8dccb973af57f9227d63

SHA1
b59ed4a6c451613d6ce8a0ac937c3201a8818c11

SHA256
58bc310b2d6c226cc2b6545282154877b7011a3f4377ce21241900a1dd5de6e8

SHA512
56381ab1b5d93894cb31b750f1a7a3487406a7734969781b3f36a09a18157e97dfc2277807b0e35632cce1195de60e2a77ed2d056bc7211f45274703d0a311fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
aace066c999ed926ac8b9eff052bd0e0

SHA1
0378afda91a1c1a092e1088db14faba5bfa4fc52

SHA256
f5d48ffc4756ca88b3655cd34d94bac86316d145346d9200c4e6f0bf51e23189

SHA512
80c9d78c9ef7e51183d1e12bb6dedaca8742ba37c60d96758044a405f1049fc876a74158023337e55035944ac05b39b665d8044ed5277b94cf43473640262b41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f2b263f4616a123dda4edde0e856c5f9

SHA1
b488d656a425b13d6ec52c11d51c7ee667c22962

SHA256
290f6cbbe49d1f3477fc140f1377b7c939bb7feeac45a7d20696e174aa8d88e6

SHA512
ddf4bb64e279e0d022d4825446d1cd7c8b7fcbaf6d3911192e3b583b63ab6cace68065be011ded22d15fc8f22bb2e966c9a15eb1ffc738749e1057785e0a80dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
5f78eb634a9cb81a8e9ca71878e35b37

SHA1
eb4705f67c090cffe2e9349b4937d362ccd81ecf

SHA256
4d3c3aa14af02ca0ea9b1d5171c772b50e54a6c85fb93176b01c6e9518d62b10

SHA512
5f5f06802e46ebb6fb9aa92a11668627093ad7fe7ed539939ea9a0f9b5aa83da700d916f361e49f974dcb167cd7f92f055a33893135f8b7ebf0b45ddebeb35e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
52c6872774b8b17694320233ed4aad1b

SHA1
d8d10e95394360ed740357ff986c120b6c10d656

SHA256
154219e8638673763af8be7dc951b610449fe4983c8f7b54ea0d1883bbe61b5e

SHA512
d016105653564436e832b3df4a892d423b92d35e801d017194dd0388ec243c7fe8048c6a1151619a84cc29fe9e4f5e79ccf75f0d43c530b6ccf160d7ee57603d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
94f30727e7907269b80ee909df3c0fa2

SHA1
157e3931b74f72609a189a5cfb0c362333b0259f

SHA256
6b28819fcecb33e6f7bd207168ffdd3546c501481857f8595a800ef8fc2a9f89

SHA512
882761d8f30b064f5c79bf63a7c04aec77ee5f15faf9e2b2bb135f635c3896bd3a82bddb7e8637aee52dab17a14a45c2aa1cab92c52a2dca29f719068f4044c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
6e3eda0a800a459340bbe51495b5f7de

SHA1
81d4d51440380f24369a1b2c9d6463e4cf1d8ed3

SHA256
d1de7761793b4724dc0be7c7606eb83e6aa09d3d5a07d51718f01b74a776b666

SHA512
b75a73d1945a1759bf0bb0166057a7f1b17349988e28b0b5f7a845a3472763d2591b63bd6e8f858d03fc7428e29dfd3a1a75e98be7b6c22c6c06a423a972726d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1e5fe1738ad29df0f1af1f24225ad42c

SHA1
1c33ed62ca9b5ae00d1283b4987c592e33f7d16d

SHA256
4960db7b73813e4e0cb90b8409d3ec26f52170bf5222429c68bad356be54fbf3

SHA512
837c7d0e1d3bc9f00f9bcbd34c0077188d021ed7571e05da9cfbe27864564f4ee7944b33b18a02327022214842df92b43797d88119e9d027fec380d1344fc500

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
fd8fcfad2c6ce851b3854b6de6816a77

SHA1
5c35e2b9ce3b70727eb5e0eb60f9a9da0f09880d

SHA256
7123e05a03c6c81b5f362573dd3f220449eba0a780e3b06a2eb2e61b8f128db4

SHA512
1ddf97a0427769c557452a92c8c8796ed0dea51a7582b872f0d7cae34095dedb6a473b62c168d5e08a156b8d4ac01f704b1b4666486d0a876c99959dba2d602c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
902d1539569dda3f64303dd1a4b0e735

SHA1
9272d408ca9db41a3aef388cdfc56d1a19a78728

SHA256
f8b445069214a47dfc90c6caa31b7834fae111e913a78b498e50d140274b8964

SHA512
6bfc0bc3a48205e9e7ec449f38aebd4dead9699e9ac534db26666f9e50c87a0af122515c2d03d9b5ecbc9da253eef2f6435d26b9d5b4e8e1a40824d1ea208768

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
e32ef2131114a4eeefdea7519f7c2beb

SHA1
f1022b4988d2152ffbe54eb602d16012a3ca80c8

SHA256
ac7cfe5d85349d9e5b8c4db8e0330817f28bd1e4c5169a01e5c2892290e4fbad

SHA512
d975e7e783c2bbde19b4f2b110fceba3b5b90b819d1e6dbd45cc48ee5a4dab009ec3970fe3f4496963452113cb72efe6a174f57a8f6ee177c13991eca2d0f189

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
7c395bd2be0cc27e27cc332e9a218d91

SHA1
d1ea3b02c47c36eb1b01f1419c4c38732445dca0

SHA256
51c78c19d16cd789ebfde8b43e8801cd1bf6bde8b9a75d93f0ef98d9faf3dc49

SHA512
592ad9c1b4d5926a7374089830e83c3317cfa43fd7c7d530d7394b70732ab63114a5c1dfd36c100bae7f838c983b31bee00c6c35f66fc4d0e919a5d662813288

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
fa7d1fdfa0807cec0ec05a148005ebde

SHA1
37833fde85819dce5e3bb06628b283da80069c28

SHA256
86d2777aff2858138e354cf63a4acbcf3feb53c7e7145df145257a861df668b1

SHA512
fb998a0ed36f9c1111c305f7c8bf7e5570bdc57a75c0454bc165e20e97548e350f17f57b59fe3fda9320b519019e7fc01c6aa909a078d95bf394a6e6789ccdf5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3b5ba9f11ded96c81a202ca224607c20

SHA1
990d15878d44d0b4ba3474408a5681f8232ae54c

SHA256
4a61eb9487f63d556e47467c66fa9d367c790d6b423eb6b04840e2e1dbde89bd

SHA512
4a0045bd97793740df6a21e34652de252a0b0c781db2a6f3c685139dca0679cb08ea5d8d853649ba2c0a9bf1f76bbad7aa1c806741d0a67e6045d6710303f295

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
f8531493f3c56ae4b957e110a8c1946e

SHA1
4ff5159b805a20987e1241d37793744e0381abdc

SHA256
caa61d75226df33b0c8c38049de8159b7fbce98e21d45f6eac46aefcff0b357a

SHA512
4aabbf5e1af2510658c196aad1d9595ad08a8ab279f7edf30643edbfbe68aca2ffd816a4920a053799d4840c2281afe5b53f50f3804f0621e53c6dd45c8b0ace

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
57b9af610677cda4879e2d8a60144352

SHA1
b51295102a7fa3c9272efb815fdd7035783099e6

SHA256
58ee5807e1e972716e340031108c26687a327318cc419bd7f7fad72faab55b6a

SHA512
bb601d2bd0a9893e4d6d2fa5521077b424d9ccd130a3cc5ac5f41398471190aebf1c108d6d07b4757944b0e37f79f41974c5154483497ef14fe0005d6ce2a490

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4d13cb31bebbf1ce9b9baa48547b5956

SHA1
c580eb05e92fb37ecbaae15c3f5ccbe01d1ca221

SHA256
2cf39e18c96beb373bfeb8f364b7ef26c2a837278116b8700c2c09b405210d9a

SHA512
3078e32198d94295d5b0ad2af09d87e50272cd21299350ff849b13e837cfea7608a947e561be0064c8e17e732a650fd9066a9c1485cd73b9a5830f81c2981e7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
a270fe050a053c8bfe962c0c82e8e428

SHA1
70b144460aeb4854e83b2d627ba82700ab14ea13

SHA256
a168d781a93ace7b96eacce83eab66da131415b71b46b363d4e193d9a9e330b4

SHA512
4bf57d54074fd46d51cc49baa1e0601eedb0cb591a444043fa5ec83111d34d2338cda4650657ea341a4d7e8ee2bccd94badc52ada0420a8fec0bd1897a69a1a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
2385e6a86f39c2d1f2986e3a57757c07

SHA1
67971e1f7e5f816f4e4862e4f5942d38d4c0be72

SHA256
52bd86124435044da6c62f7a29adfc39a3a0887bf6b0440da5ab301ced1942f4

SHA512
03ba9f5d9a9bf6ec06a7ba8bbae79e7a7d36806c3e2adeb4493549ca3b60093b9e42e0cbad98ad698acc68382bbdae0c65f87918145a7fe90539cbdf235ad553

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
34305b414e06754fb0ddfaea62e9ec99

SHA1
7bbb4dc62d4d1155b0fc59d1ff8b9cc62f76ca6f

SHA256
4387dedb47d499ed3c1d2ceb1050bc5172ae9a1e0515e01c873d6b8953305bde

SHA512
d9ffab45d72172821a2f4ed0a14959a9dc16ce4a65443439635780c88094a49ddb9a609d48b1036951b6523f50aef17152b4e34d591910159d9092b9120fca03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
78853970bd7fc59946f4bc4c62d86220

SHA1
91ef3e805c0b5fc2f50e608d013622617323ffed

SHA256
dcba3d1494eb471434b389d4ec6d432fc4b0bbce8e0e0a70590535dd6ed6cc1b

SHA512
a3fefdc8d1f7758e0b2418bf6da457bde78bcf3a732f48b408b08445959eaaa0c1798d429dfc002bca9fcf096b2d3aee2c9eacdaa9d5bdf321b79431177eb8d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
1b2ea03c0cbc270ed1b5729612ad4f3f

SHA1
9fc9df9d5d0a590b732d44ffc1bc9a51cb28c87b

SHA256
8d533921ce13d247db8d7cca0a550f500f236fdc78af54fd8e8928c110dfdfac

SHA512
049e249718248bc7380745515127c911073faf072b6d1fa588051f673782c91841a6a8a523b1cd71b837d69220daff0722a343ec0086ec9838a8ec45494e8c65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
228KB

MD5
ca3bf132a58c150b7c761152dabe9cff

SHA1
9601646ec3d22624a7bf32fa5b845801f4efc88d

SHA256
9aec8825536f51205b5b4cd80069b9ca38eb5d4c5fb7fdf1da3bc35400f2ec77

SHA512
7a15e4fb31ee6e44de3323566026a1a0fce52ccde736891fa5d6e0b04b8d9cff153d8bfde87e5a48d36f9bd08e33caadb4ead055d850710377472db0be13c3aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
eb881bfe5a636937e6bf1c9658db34ea

SHA1
02d587c6531e32543f1546bbe8e7c2f397bd0614

SHA256
fff2a2411af3cb823ee42b4aff6cef59743afaa23c0cdaf0bb348c88f3d9ec71

SHA512
e0e9bcb9551eaa56e7f1dedf50fcffcbf6339f05c6bdac918fcb7052acd188410cd597ec0b5c9e8150d55742350591406d49475e8d5f85ca2b912e85b72365dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
231KB

MD5
91ab61aefdb6d237b05c206d3b9b3955

SHA1
7ac16c144e9ffc9a83e3b7115b06afa2a59ecb71

SHA256
70a278d613487fb76dc3757591cd8e7235c07eee8fd5e372dc6b038dcb9e0893

SHA512
902553f31db9b1bd81a678e77bc7042d49ca3ced7b4589a1ae50d9c38b6ad47536bc4d34b7f11ce1fd0bfc241823a93951af9cf44519b38d100d8fa0489368d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e11c77d0fa99af6b1b282a22dcb1cf4a

SHA1
2593a41a6a63143d837700d01aa27b1817d17a4d

SHA256
d96f9bfcc81ba66db49a3385266a631899a919ed802835e6fb6b9f7759476ea0

SHA512
c8f69f503ab070a758e8e3ae57945c0172ead1894fdbfa2d853e5bb976ed3817ecc8f188eefd5092481effd4ef650788c8ff9a8d9a5ee4526f090952d7c859f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c0a1774f8079fe496e694f35dfdcf8bc

SHA1
da3b4b9fca9a3f81b6be5b0cd6dd700603d448d3

SHA256
c041da0b90a5343ede7364ccf0428852103832c4efa8065a0cd1e8ce1ff181cb

SHA512
60d9e87f8383fe3afa2c8935f0e5a842624bb24b03b2d8057e0da342b08df18cf70bf55e41fa3ae54f73bc40a274cf6393d79ae01f6a1784273a25fa2761728b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
540B

MD5
a49269cacd43313908e703ab4a185ae1

SHA1
253f2314e4fa1514422b5c6cfbce90713158cf4b

SHA256
cecfb648c9b627f864d0291a24ab590ea17f44be06d9b15b887410318b80564b

SHA512
070295f7acee184a2e7cac0ee4c55793153660597c828a3ac90d5566d2acbf6a6e1ec49172d7f4f5cedc65a1782cca9eff155d8deb3891052d99c2effdc92db8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
470B

MD5
6e50dd7fc2c1212ec0b585a98bf50218

SHA1
680a10c5959081cbb21010c63825a1958a63dcc6

SHA256
947ca2ad2829b95a46872759988d16340733e44a7c2489172920262f4a96eb65

SHA512
73aa32cc2233b208eb955391309ab48290d383f7f52dad9544b9519dfe5159d6481f1c54914646571df5ab91efab85c14102f101e12407a2d09dff3e09e0e4c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
470B

MD5
a10db42885e4380722f1025af0c29597

SHA1
04f6cbd076550f5dd68eedab1f853a0ae450c05b

SHA256
b93e99dc4164d8b920b6cb5eea6b3d91927cb2d8a0d60065b432000e938c2eca

SHA512
b0e96e37d06f8e0b048c2a919e3b127fb374745b34104bfd1cc3b86fed28ea08d57a292ffdf0719aabfbd981cf99cd9c9dab052e3463ce0857090d6e5eb75275

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e1810735bb8bbd962897e14e94830f50

SHA1
7f898eb2bf88d11aaf4a58aaa06e234c065f5ac1

SHA256
633bd096454aaccc4a79a8eb38d72f2c33b281049b808cf7b7f9e80e7bc6c83a

SHA512
c8a1d2f55ffb8546f16c16f86a12b1a1849edf0f35040927a32540e839af5f56f627b53a66fe183c28558dd5a1e0e7624e97cb24676e0e1d22c164774c8407e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
283c5a95b02b4ab457388ee182ddac9a

SHA1
76705b44407322b587d5aff7974d92531c686ec7

SHA256
2bece1acba8f6e2ad094b57b907b48fc82b5552a5428cb042771e47076646096

SHA512
17e4f68d98920446159d05c3343b7ccbabce9d9df508953a05200fddca0c89b011ff3252289f0706749972cd8925a859694a85f222acdc5dcdbf6a6f571226b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dcdb56b57a33c256128fa92fb568b23e

SHA1
c40b1615eba7cff7934478ad2adf20ed4984d4f1

SHA256
e6ca3da794b8d79b7e287673e980a6146aef92496634ea4e267e0297de14febb

SHA512
33fa8b627f8d8cdc4051a79c9066e4751dbfb8858f010f4ab4e776e8f4bbdf95ab1b54de3b95774a3de0c456ef2c6da760ab592b20f144a2d4a3bfa040644510

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
6e7b0d8074e558aa44136f5b0389bcbf

SHA1
fee89954e25ae3b7ab3b11ebc419c6ff25449aac

SHA256
d1669a7af993c285e770ac62884b6df6b7a7e0e1591440c684f878f52d0449cc

SHA512
4a505f36667ac888ed1a79f4fca31bc989cdd9a13f623bf5f86e60ae8b1f4d217bddfa2d6f5f85e17d026f95844e6caf358bd6e105fdfbd04745350b275e6e53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
6284a4a4cfc45f5e15573d1dc3f65a97

SHA1
4680a885dd5d46a0ae29104b284621464aa5e036

SHA256
4ff56f3e0808fbd07204959e4ea7d2d0cc500f3f29454d7eb00b27cbdf430e08

SHA512
57ad6a89c255734ee456c1915a03f46ce675fa0197f84067be9374a640d95745170025cb2accddfd9191d84442803bbedbee08e4aed36d585ccb1df329d9ef03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
a8a703fdc6b15b37442e847143a219a1

SHA1
64379b96989f8e8a39f532862ef371a6c03ba719

SHA256
9674163bf75f62d6ac64878dc24507c3a6540b63c27e4fabf5a17a32b9d0086f

SHA512
1de8b654db652c57f3c639c535cd04a3867f10869b3ed1b7e071ac7a0c07498c064c287af1bc810caeb92bfbb416670b2f282e2e104802a377d6b610f8d512b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
daaa9eac474d48acdf702034f539d858

SHA1
856a0c7ca0d126508ab221384042874c9d166066

SHA256
4134169645c4b4ef37a0d01fa89f41ddcc0a50be0f4828c790a6f430ea8fe52d

SHA512
e7ebb0323814f758eabc6a9e0ea43a2c8733f5127653e49e892ca15ae984bbc34ae29a20cc754bdf6f1c4eb2e7e5b55c22c3c7339b15a583bdde4031447869c9

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\activity-stream.discovery_stream.json

Filesize
22KB

MD5
62a7bdc5df7db5cbcd08c79fc433b42a

SHA1
a7a616c6b18f75fac5405278406b4aa668d557d2

SHA256
a325e50e703028d89ebb10d203ca6a4131923a3350fca4d011112a615bdadf4d

SHA512
316258133e322eb5b768940f78691007bf3d777dd2892c883ae93c8fa3f8344b01aa067bb88efd45aa22dc0d4929f348e2c87d1c906d3a12a5723225d16ad12c

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\cache2\entries\6D89348819C8881868053197CA0754F36784BF5F

Filesize
14KB

MD5
6f18affdb65d9da860aa87686ae88fdd

SHA1
7a39b1e8dafff8467921aab04aeb9b8c477d5432

SHA256
b6cb1c3c9cb320dd352088b1c5bfba3db32f076da4eb5f64dbc4d689ac180959

SHA512
0653520ae33426f2f2ac3628658b0e879dba194d63d0d38b1a4b8dd76ea1a52448324ff8935a5ac76024a678b43c7efae58320f7823a3f7e529e8f917616c456

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl

Filesize
15KB

MD5
96c542dec016d9ec1ecc4dddfcbaac66

SHA1
6199f7648bb744efa58acf7b96fee85d938389e4

SHA256
7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798

SHA512
cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658

Download Submit
C:\Users\Admin\AppData\Local\Temp\9148e287-8a41-40bf-bb02-920a4a1900bb.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1856_1316550708\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1856_1316550708\c3321d26-14d3-42c9-af03-4172a41f194d.tmp

Filesize
150KB

MD5
14937b985303ecce4196154a24fc369a

SHA1
ecfe89e11a8d08ce0c8745ff5735d5edad683730

SHA256
71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

SHA512
1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
479KB

MD5
09372174e83dbbf696ee732fd2e875bb

SHA1
ba360186ba650a769f9303f48b7200fb5eaccee1

SHA256
c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f

SHA512
b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
13.8MB

MD5
0a8747a2ac9ac08ae9508f36c6d75692

SHA1
b287a96fd6cc12433adb42193dfe06111c38eaf0

SHA256
32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03

SHA512
59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\CCN1THQB3IH2N2TEIJSV.temp

Filesize
7KB

MD5
f7121f7e8d45e90538be421e31bed0c0

SHA1
7c2e597a7cbc0a9273c23d7661ca09261dff60d1

SHA256
e8eaba6f5cbc4f1ec359d35821c31bf46d9d391bce5d9d72fb82c1dfee7322d1

SHA512
a76e1a24484713532ca2ccc4b4fee3158bdce0bb1abbcfb6602bd0c2f487159c6a68d153fadf1aeefc4de2e098dddec823c72f726c95082e2a0cb5ea3abfa833

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\AlternateServices.bin

Filesize
10KB

MD5
47e6134f0ce752528a86e289d663a4df

SHA1
57e0d6be4d5f96f0db0428526e05269f1a3a3ca9

SHA256
88255f9d0c802a6ae8bbbbc0fb7623c904d009c9e190ae411bfab9d9a6a492e5

SHA512
576894c9ea746140f75c4391d19243a22d8564bcdf19ad6712a02cee9e61d0573f5c8362796f18123e066220f4c2c4faf6eaeee75568ff3f62920378f7e860b0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\AlternateServices.bin

Filesize
6KB

MD5
eca81742069fe5df6b1c50a39c4c5c94

SHA1
66a143c2279af170aa024bfb0c14eac75d57c1a9

SHA256
d2c07d2e36683bf2e7965eda17a33ce96a9bc379522d4d3fc23bdc3c0a8b1c4c

SHA512
36d3fdd08ca59a3ef270922f64d38cd96bed8a728b99eaba73e16ab75be2d9dc2bd248a7b63c2086c23523c7e9f3e32645582fbed979fdc26826bff72a05eb01

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\bookmarkbackups\bookmarks-2025-01-05_11_zrihSVbctqiR1GbiTiRGTg==.jsonlz4

Filesize
1004B

MD5
c03c56b2eb1e6e75443868b97725feee

SHA1
74fd17c3af18ab01ea6cf4347180824fc6d10909

SHA256
55c073e7bd619821be5d7d0292b13a3579ff11aeea4dab936f59505b539e2cda

SHA512
6963108ab0a50031b1c9cb43f0a858168df8afc65150d28f356ef2414f186c7de1b14a030ea02f8dbedd5b7208ad8c1f2edbe1ba4056ce2a7f31a628487b9f62

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
43cfce97526ce04b43917a763ccc2317

SHA1
c5dc2681b34b251d04d0cc2d3a59335d6120e217

SHA256
7e704e657c23291f05f5db388b0dd9b891dfa3a2f75fbf214bd847faeab303d4

SHA512
ed173211e63b4f1452e80bc0d28a9388e12f420382a03786634960735e8d3ca3e50dd22c1a5733454270eebcadf35cd1ca0de12bf4cf0fd8c75b603617489c53

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\db\data.safe.tmp

Filesize
6KB

MD5
f464b2e026f9ec63ddd0d9f8cee87a40

SHA1
0ceff6f3d31d97a9885b6ed50eb059926ea80ffa

SHA256
0e1072003d0fdeedd4c1a7774e40fd3f0c343a5722240e2e5d8ad573ad3b5829

SHA512
2b0985cb7ca06c08830d3a47c66aaa6f7f76766eaade0961d3bfb4c8a7cd733d8e9b74be7f5d709075af2fdb7d2a6eda9283fe8ae8b9921549458b7d21c1bb5e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\db\data.safe.tmp

Filesize
28KB

MD5
880172230733c241a829f3a4acfc82da

SHA1
167825bd0f50939bfde36b0f7b86e06ed30c42ae

SHA256
c1d7a4174cdeb95a291ae6e6a1b5142561d18b2c66283ea2f76c58dd6158a717

SHA512
c44ff34314fa2eac8bada5a3fc9d5a3234e23073430a9758ea1e232bb093670acc0986f68af3eb3b007288dca0f1a692fb8e0428acab106fbcca7c1463c188ed

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\db\data.safe.tmp

Filesize
5KB

MD5
f4ee1a2171bf2892c1f29c536867111a

SHA1
06a7515a9dec404143239b7ab35502cb8bab4a20

SHA256
ee97a058962f0cf057ced347388601b200ad559eb9db0bd2639bd86ceaddf826

SHA512
6d9685c088ae63ac3a5fa725b48e2e0b316c64a0afc912e437ef1b30c903274a93d27c9748b18132cfbd7977904869b095ece427d4c1b63204a46c279cbb0745

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\db\data.safe.tmp

Filesize
28KB

MD5
d2df276bcda63372afe8c7f6907d4165

SHA1
3ac3987d4ab8598eee1142c0e601f8d803f43661

SHA256
02461af21935fb97cb3427a4a697979caac359399cc0b456448bf96ac9c6f981

SHA512
4aa8380e36e37662d75be3a19a9e6fc254600e9e8c9f8e682b245f3992bafe893e7465e761af1053398758acdfcf6cb51c27a3cf3f226a69e2c83642b4076966

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\pending_pings\0725c4d6-2843-4254-a3ce-72e064419e75

Filesize
24KB

MD5
ccba137fc87975a2d182e71cbc474810

SHA1
47ff3d0a53faa00589bd30103203d7496d488720

SHA256
1ca5418257c07134095bc9fdb499b2d30d3f32d038c87e815b1339fd46ba5fad

SHA512
0552ec12014efa46f0124dc9390a9cfb2c397472a297b436f6f3a867d3120db58a5befe4b4f26734298a198e2ae4ca06c68f896c566772841734d294cb985323

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\pending_pings\681a4488-c45e-4111-889c-ed1c29adc873

Filesize
982B

MD5
68954a68fc7c9e07c7fa2edf1d69f705

SHA1
ae8c629e70dca566acd6a848d23a6a1e4e49299a

SHA256
451e302ae8ef260f13905bd1794f827cfc5f27689d23894dd4d315779692955c

SHA512
bb9c9e0b50878bb13692ee38a6ba46e012f5086cc68195bba6518bae17f17b5a9cbc8e16bd37bc4f796c133a4ec445b2f5af8008375ea1e604e6002a839c5626

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\datareporting\glean\pending_pings\76cdd85b-02dd-4a5b-8f72-9b464b7e870d

Filesize
671B

MD5
5f6104605a1b03bc8bc24774c3926826

SHA1
0801f51578adfaa4c2dce38288624e634bf9a3ff

SHA256
21a0ceeb3baf9d16f3c447f7427613805d72782197f6b16a7d8290d6c4b93343

SHA512
7c09324d322b83e2f283a07106a6e4493b8fa46674400a1768b126b899e2679442dfb880899f86805e7b4caf7ec60a72e8c215a1f671cf7c48d8f6d29330f9b0

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll

Filesize
1.1MB

MD5
842039753bf41fa5e11b3a1383061a87

SHA1
3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153

SHA256
d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c

SHA512
d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info

Filesize
116B

MD5
2a461e9eb87fd1955cea740a3444ee7a

SHA1
b10755914c713f5a4677494dbe8a686ed458c3c5

SHA256
4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc

SHA512
34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json

Filesize
372B

MD5
bf957ad58b55f64219ab3f793e374316

SHA1
a11adc9d7f2c28e04d9b35e23b7616d0527118a1

SHA256
bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda

SHA512
79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll

Filesize
17.8MB

MD5
daf7ef3acccab478aaa7d6dc1c60f865

SHA1
f8246162b97ce4a945feced27b6ea114366ff2ad

SHA256
bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e

SHA512
5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\prefs-1.js

Filesize
10KB

MD5
36ebb202bc2a9f7267005882cb4abb99

SHA1
649e172ad7544b328a11e93432e1a75ec9d1b512

SHA256
6645d3e4543226cb8d11ce63618918381a453d9c9e021a39fcd4d6c1a33f3914

SHA512
f2543cac53cfb242ef86726ed7675df91c6cc8ce502b3def5ed9392fbc854eceaf702f507f0848701fc3104d8e1e6d47a119bdf392a0c1c6d9d8b7b7e60a102a

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\prefs-1.js

Filesize
11KB

MD5
1bfacaaf0d2acf4ed06ac3bc1357bbc8

SHA1
1dfc95d6d6ab05acdcfcdd294d094a404800a2e2

SHA256
57742c6ef61acb1bd66520b548c0741945ef55494d29bb82a903939a9ff9fbcc

SHA512
ffa49cc73106d1c19cc5b06217619e6e7ef6c18886958f0d404fbee1c2c4f1f670577cac7dc14c95c4fba22379936dec4f9b1c9788adea30d6cbe38adbefda1b

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\prefs-1.js

Filesize
12KB

MD5
617882a16068be1de2ed26ab77fdff49

SHA1
ba861f725b790e7149506aac2f98f0f1e8b386d7

SHA256
10919324522715a5aa09e53426c9886fba0a387e7c1a533b769164b3b0a85b57

SHA512
dfe64ff61dda402635536a23a25a8fd9bf2ecf1630a2f6eab5d4a9ff1dc70cfd82f178c4fe922f02d0492b4e8f07e54e8b2e5d1effca944cf4369c6aa83813d6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\prefs.js

Filesize
11KB

MD5
c9bebe564fa2d87432b4b1f4166c7f83

SHA1
414e5e999e38b20010ec048223b60c9ac9c26b04

SHA256
f83fac5d903730e7927f2bdb66b7dd695742601775f70340ca5314767408e2bc

SHA512
f134e4bf6bf5d0f927c3920a2a1dea88b97cb1da9710484682ca21218e5ce62e991ffb05ee9eaff2995a5a88257740ee3eec51d3ca3c0082c5d193205ca38257

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\sessionstore-backups\recovery.baklz4

Filesize
7KB

MD5
c2dfdb8d7e15ebab098c8f6843c61b03

SHA1
c68c5f749b97f5eed08fa6c50b78307181aec046

SHA256
09d43b584b9b4c52933e11a5377cbb7c92fa914dcc46047b4d69ef6b1472800a

SHA512
463d506ce3e5b4d714e0ffcbde147a0b07197a7d13fffa711d75944adced12fdcf3956466d6e7eb7b1c644f1b2c8bb43cb2a820e6e5fe034d969220cd73e256e

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ohbz3gv9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
584KB

MD5
77f14ee3c14f9c823eadf6cf0cf53a69

SHA1
c4bb764878c6c443dc692047bfc72cc7a7ad013f

SHA256
76b23ea33fc1a00e1a4a07bd420fa6a94ee21a27e31921d09b338ecfb9d14753

SHA512
8cafea7ee6981f25cc338fd0395e7299c36dfd85a7ac50fc5e96c4943c2c804b8b7308c6c7f591863ce269806cb4eae6640e6cd020975519b1b3723bb7754165

Download Submit
memory/3640-7-0x0000000005380000-0x00000000053E6000-memory.dmp

Filesize
408KB

Download
memory/3640-10-0x0000000074390000-0x0000000074B41000-memory.dmp

Filesize
7.7MB

Download
memory/3640-9-0x000000007439E000-0x000000007439F000-memory.dmp

Filesize
4KB

Download
memory/3640-8-0x0000000006280000-0x0000000006298000-memory.dmp

Filesize
96KB

Download
memory/3640-11-0x0000000005350000-0x000000000535A000-memory.dmp

Filesize
40KB

Download
memory/3640-6-0x0000000005110000-0x000000000511A000-memory.dmp

Filesize
40KB

Download
memory/3640-4-0x00000000051B0000-0x0000000005242000-memory.dmp

Filesize
584KB

Download
memory/3640-5-0x0000000074390000-0x0000000074B41000-memory.dmp

Filesize
7.7MB

Download
memory/3640-3-0x00000000056C0000-0x0000000005C66000-memory.dmp

Filesize
5.6MB

Download
memory/3640-0-0x000000007439E000-0x000000007439F000-memory.dmp

Filesize
4KB

Download
memory/3640-2-0x0000000004D90000-0x0000000004E2C000-memory.dmp

Filesize
624KB

Download
memory/3640-1-0x0000000000290000-0x00000000002A2000-memory.dmp

Filesize
72KB

Download