hxxps://www[.]mediafire[.]com/file/8luh427dyvker95/HVNC_Beta1[.]rar/file

Resubmissions

13/01/2025, 10:44

250113-ms248s1qdj 7

13/01/2025, 10:31

250113-mkl32s1mhq 10

Analysis

max time kernel
178s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13/01/2025, 10:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.mediafire.com/file/8luh427dyvker95/HVNC_Beta1.rar/file

Score

7^/10

discovery motw phishing

Malware Config

Signatures

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-3227495264-2217614367-4027411560-1000\Control Panel\International\Geo\Nation	dnSpy.exe

Executes dropped EXE 1 IoCs

pid	Process
5724	dnSpy.exe

Loads dropped DLL 64 IoCs

pid	Process
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe
5724	dnSpy.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
600	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133812386869219216"	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
3664	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
2620	chrome.exe
6280	chrome.exe
6280	chrome.exe
6280	chrome.exe
6280	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeRestorePrivilege	4708	7zG.exe
Token: 35	4708	7zG.exe
Token: SeSecurityPrivilege	4708	7zG.exe
Token: SeSecurityPrivilege	4708	7zG.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe
Token: SeShutdownPrivilege	4616	chrome.exe
Token: SeCreatePagefilePrivilege	4616	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4708	7zG.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of SendNotifyMessage 34 IoCs

pid	Process
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe
4616	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 2620	4616	chrome.exe	82
PID 4616 wrote to memory of 2620	4616	chrome.exe	82
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 2700	4616	chrome.exe	83
PID 4616 wrote to memory of 4068	4616	chrome.exe	84
PID 4616 wrote to memory of 4068	4616	chrome.exe	84
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85
PID 4616 wrote to memory of 3380	4616	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.mediafire.com/file/8luh427dyvker95/HVNC_Beta1.rar/file
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff866c5cc40,0x7ff866c5cc4c,0x7ff866c5cc58
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1936,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  PID:2700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1888,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2552 /prefetch:3
  2⤵
  PID:4068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2108,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2580 /prefetch:8
  2⤵
  PID:3380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3116,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3152 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4324,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4788 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4380,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4696 /prefetch:1
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5272,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5284 /prefetch:8
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5320,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:2888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4812,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4668 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4252,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5728,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5652 /prefetch:1
  2⤵
  PID:1580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3824,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5932,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5940 /prefetch:1
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4484,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5548,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6120 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5664,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6128,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4420 /prefetch:1
  2⤵
  PID:5096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=5976,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5928 /prefetch:8
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4676,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5872 /prefetch:1
  2⤵
  PID:448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6176,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6204 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6184,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:4984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6148,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5948 /prefetch:1
  2⤵
  PID:2220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6436,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6452 /prefetch:1
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6476,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6580 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6704,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6712 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6988,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6884 /prefetch:1
  2⤵
  PID:5140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6936,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6872 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7200,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7172 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7224,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7328 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7528,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7484 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7476,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7640 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7796,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7844 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7940,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7800 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=8076,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8108 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7980,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8232 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=7864,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7792 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=8380,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8364 /prefetch:1
  2⤵
  PID:5864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8400,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8660 /prefetch:1
  2⤵
  PID:5872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8416,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8688 /prefetch:1
  2⤵
  PID:5880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=9052,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9072 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=8784,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8420 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9244,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9160 /prefetch:1
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=8812,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9396 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9536,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9556 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=8824,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9432 /prefetch:1
  2⤵
  PID:5736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9812,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9836 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=9976,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10012 /prefetch:1
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10172,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10156 /prefetch:1
  2⤵
  PID:6240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=7856,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8988 /prefetch:1
  2⤵
  PID:6416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8404,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7496 /prefetch:1
  2⤵
  PID:6804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=7164,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10148 /prefetch:1
  2⤵
  PID:6824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=6876,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8936 /prefetch:1
  2⤵
  PID:6816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=7240,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7028 /prefetch:1
  2⤵
  PID:6828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=7084,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8536 /prefetch:1
  2⤵
  PID:6836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=7192,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8540 /prefetch:1
  2⤵
  PID:6844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=7408,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7464 /prefetch:1
  2⤵
  PID:7100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=7768,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7728 /prefetch:1
  2⤵
  PID:6336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=7372,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8952 /prefetch:1
  2⤵
  PID:5692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9208,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10188 /prefetch:1
  2⤵
  PID:5148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=9196,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10300 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=8572,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10564 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=8392,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10624 /prefetch:1
  2⤵
  PID:5336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=9016,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7596 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=9924,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9868 /prefetch:1
  2⤵
  PID:6584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=8168,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8412 /prefetch:1
  2⤵
  PID:5984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=7740,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9192 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=9180,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10748 /prefetch:1
  2⤵
  PID:6468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=10556,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7492 /prefetch:1
  2⤵
  PID:6460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=10436,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8620 /prefetch:1
  2⤵
  PID:6516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=7808,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6964 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=8652,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9744 /prefetch:1
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=10500,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9788 /prefetch:1
  2⤵
  PID:5832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=10516,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10464 /prefetch:1
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=10544,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7444 /prefetch:1
  2⤵
  PID:5960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=10520,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10332 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=9688,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8144 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=7732,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10948 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=8660,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7260 /prefetch:1
  2⤵
  PID:7088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=10976,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10888 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=11076,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=11224 /prefetch:1
  2⤵
  PID:6052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=10200,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9224 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=8224,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8716 /prefetch:1
  2⤵
  PID:6112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=7052,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8128 /prefetch:1
  2⤵
  PID:6056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=8480,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9348 /prefetch:1
  2⤵
  PID:6688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7108,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7112 /prefetch:1
  2⤵
  PID:5372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=9476,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8280 /prefetch:1
  2⤵
  PID:5780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=9500,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7616 /prefetch:1
  2⤵
  PID:7076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=9572,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7992 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=9560,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7988 /prefetch:1
  2⤵
  PID:5132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=8004,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=6888 /prefetch:1
  2⤵
  PID:6432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=9620,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9280 /prefetch:1
  2⤵
  PID:6512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=9088,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=9256 /prefetch:1
  2⤵
  PID:6596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=7360,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8408 /prefetch:1
  2⤵
  PID:6968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=9952,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8560 /prefetch:1
  2⤵
  PID:7016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=8052,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7812 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=9396,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7260 /prefetch:1
  2⤵
  PID:6928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=7984,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=8528 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=10984,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=7924 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=9468,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10036 /prefetch:8
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=952,i,14564489720795001800,11759665076500377393,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=10844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6280

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3752

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:4352

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3628

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap17724:82:7zEvent23647
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4708

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x3c4
1⤵
PID:556

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap5509:78:7zEvent24287
1⤵
PID:3988

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap28982:78:7zEvent16889
1⤵
PID:7032

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap4265:88:7zEvent23168
1⤵
PID:6352

C:\Users\Admin\Desktop\dnSpy.exe
"C:\Users\Admin\Desktop\dnSpy.exe"
1⤵
- Checks computer location settings
- Executes dropped EXE
- Loads dropped DLL
PID:5724

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\txt.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:3664

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
980ebd34ef8cdfa9900dba4fe367d2f7

SHA1
35955645e6324fce99a971a5a80ecae0fc21d971

SHA256
d5384308d29f2f9478f0d1354e9f94053300496f3b7cd2f88f5f8d00dbe1482e

SHA512
470cce060f4dcca34b26c8c3b2d3d4024c12fb4631ed8251e942e7e992149a422f30526b27f9f55c13d5d9581f022d3b18439893c6b0455180ae70c0fb24430a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
c235e3541142818ef3621ea84325d29b

SHA1
7cde23b50456e6ed1c0bd794739dde15671ad425

SHA256
1042c61fb9930d2229e7ef9dd2d0e54989cb9d2c8703679c35d904e8ad4501ac

SHA512
72456a2e3b825215a2f0874c9e0713980fb6ef58123921c2d5cd84e6594e29decb4d385bb9c8579a56af2a820abf4d6bd45be1bb6cbef45dbdc552d544b14787

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
63KB

MD5
226541550a51911c375216f718493f65

SHA1
f6e608468401f9384cabdef45ca19e2afacc84bd

SHA256
caecff4179910ce0ff470f9fa9eb4349e8fb717fa1432cf19987450a4e1ef4a5

SHA512
2947b309f15e0e321beb9506861883fde8391c6f6140178c7e6ee7750d6418266360c335477cae0b067a6a6d86935ec5f7acdfdacc9edffa8b04ec71be210516

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

Filesize
17KB

MD5
29b8ae1d50ef8543dcebf4e9f53089ef

SHA1
90297279de99683b3903534459bc9962924d79fa

SHA256
2dcbd24e8f78b008251a1a0499c981a79be59fdf154ff9938a28ecb7e64cf12d

SHA512
6de295089b62bd50ff955c2e381be6bb0e59b1f0776946c5d3b5109fffb84ee2a673f49d2d5a56e5600d3b09fd8e9cecbcd0e677234a6f96c1194dd1e1c27c94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048

Filesize
145KB

MD5
ac0ee8c7fa7b682a321ec896f062bc86

SHA1
72d2380622f541ed8e4a4412c8a20480ec156852

SHA256
9b8915abd0f319c259dc6e49cd2bd0de852335876cec1940ff3308702fa360f8

SHA512
4efcec919948f978f9be0fb88d598632a87b619f4e5f559d92a481569e1e82b58ac0160c016cd3f509f9c9af7e1604e583554b74b0fffe2ef8914d7619ab7473

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049

Filesize
20KB

MD5
287585b99a536365578afad81f87b8df

SHA1
afe4e3f065beb6e27eac184401eb983cb31b0481

SHA256
5656f693c911e4d8c289b2f5a02b01a460f2ad1f3d529e5579a7e0b20d611d88

SHA512
56efe9d51234d447a0a207c1a5650c0c22cc068f8e01a995517792504170aa4f6c2ba61b844913b0d2ef3ee2d695390d1e3478a06cac3b8963903c0fef13adff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004c

Filesize
20KB

MD5
4f45418761264b0518669abb3872d552

SHA1
cc09cfae03fde26e0b6d7d24e6427f278a421776

SHA256
8d72fd76d38dda8f184c1c35090ed5a4eb6a237df62bef32250af13805a6976f

SHA512
5874873cf1c6a7bdc5bf4663428900ff80b71da8a8d70ef3bd46c10ab57925a54201818086cb92aab1b4a44144cb7a419bfd8d037c9fbed6335e27d7dd3f23d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004d

Filesize
33KB

MD5
fa1c72c84593dca7d208edf258577e09

SHA1
0f2c9049af7364806d5de36f7fa36db50aaeba8d

SHA256
13e7e849d6b6e901e14df79fbec62949599e2bf97fd99745c020e0bd0f8c882a

SHA512
fb10155d8866066a30b65c10a412c3b02bb800870e39917118ea8ad72394b2958815dc4f622202f413b3245ad0dd3531abaead0df6c7f9cf55ce6dfc82a54e13

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
94KB

MD5
184f0ec1abee4c5f5071d9635fdfc7b9

SHA1
2e0ce379cf713edc76fef96209d7f0780e95b2a6

SHA256
e687f6eddd06ca96284e86eae59e02caccfbb2fb3fba9150da8cfcc457a1cd13

SHA512
75c88e93665cdb06c039b436ffef94f26cec9f7200b1d66ed40fbcd942e193d68a00fa3e8e10917fa242ee588a213ec41bf5bc617f0adc3c9391025dbe5bcfac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000050

Filesize
103KB

MD5
c12602b8ebdfd5ea5113f42ee978d526

SHA1
1159db5c354e5c9a73b2e072b3c0c5d02f3ff07b

SHA256
412aad14e7b55e51c4c56a88949c8f5ac81e06bd1d9b23da4378b1d9711a0794

SHA512
00ba76a1f0f08c969a96f4418c158d482eba611fa5984cec234ded9c7a1aa2e9e4dc2a69816c2940783289767212ac729cb7b3ae4cd002f772a5dc5d45bce3db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000053

Filesize
90KB

MD5
21f06e4856dd0500d18bf91f7f2da047

SHA1
3f7ab63e2062fa40dee265ae545a40a2c3ea73de

SHA256
b706a3f1d05970dcca90414bd8dea3a5a0f4b9d7c2ccc23c0646282059270927

SHA512
8eb9a34dcf8044970a4e0b0ee823c4b8f82db6499227563d1d54ced8c5608e6dd6e3d4145e28e5e04960fd79766954b5339f0cc08d0d950b5ae485cde79a1b77

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

Filesize
84KB

MD5
a92e6a9e0df6e6e40936e4c50bd7e113

SHA1
c62d09a5ab238bf73d53af7cdd2eb291ed34086a

SHA256
c9aff5ec5c220e1123b1a3c47168d3c85e7150be95b180cf273ce60ae9d58f6d

SHA512
ef402e59f1077c280e35eac13a899f022077260fea7cb1d5478af9d1b3b78d4938686de3f0851c663c6eb4c95b381e2e428b12b28b450907e8cd06459b46f159

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000055

Filesize
20KB

MD5
1c748c45ceb933f3956c427a23b2d7bb

SHA1
99766cad6ba350e22c48111531d4825fe6878985

SHA256
d7e85c7a5006e61dc9c2f375b8762cf1992b895dedaaaf2c079a9344e3a056ad

SHA512
b88d5f99b167d3fd2a67cf3785f5c5b1cdafcf01e862ede30c90075e0b08b9d33d394a2eb1d28c241cbdb99071bf8bade7013725d20dccd885196223d4b550ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005b

Filesize
155KB

MD5
9b04ea890deebe670f90a98d56639701

SHA1
8208837fbc05a8f1ce290dbb414d0cf66a809ee7

SHA256
52b8ad93f7dea35810a7fd20c933dbb1b0aef5b56c102a65369005ed582af5e0

SHA512
665e848fe49a1dc5ac06ce49074cb10aea46a8b7e756d8a3359f6a62964b1640a2fa51b0c031f592094408fe89dfc58326a332037b6678e37585c51928949bfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005c

Filesize
95KB

MD5
6a64e163011971edc540e198bc813572

SHA1
2c779fe626cd67a4650b2cf61b35bf326c69b87a

SHA256
c0f113698d2b99bfcf136fbc233b335e0716fc493c15e92375656a2194ecb805

SHA512
c16f534ba8b8d6c972b0f65abb23d5b6c923989f91df5dceace9c0fbe74bfdb99a1e31d85efc5d15cf336668868cbf2c773119ed080d0e6c7702422130fc6319

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005d

Filesize
28KB

MD5
d6033166abe4a77a50eb9d7850be8c5b

SHA1
4d599c44d85fa4ff3ffbc7c4eeba075c0ce73108

SHA256
d74c4471d92e7c818f73a443496058508425712ee67d33da43d41e4b52663e9b

SHA512
7daf235318484c55bf4377e6574cd7b668539248bdeefcfaa0621e5d591b6cc08dcef20b8ec83fde0c19b68aa31788d401d0a459ccf32efebf6c2400738885fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005f

Filesize
90KB

MD5
4cf26bb4cb1bea251b19837ebd67fb73

SHA1
b06518f3f5225cc969d4552b875feb3c249a53b7

SHA256
f28cba36651bba9aff4779bd3f19fa0cc85de3d8fb8181a24fb3d18f84ce8618

SHA512
da2db31b60bc27e6b6ac291e2dabc397dba716419d94a042ed516d8d740020a3754342ef2e5b93fbbfe813081bcc8c592cc1296faccca2bc529653a03944df70

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000060

Filesize
48KB

MD5
c71cf92103783b21f78dc899c08c1910

SHA1
47a48bf7452eecd9f22f1c4ba79fe8def6a446a5

SHA256
8ecbd49ee92bf16ca7d6578efe69b6f166e4fd7c5050306298d61348e7e5d3ed

SHA512
1eab36037895ebebd56f734b769a8da160b432d5d824b50da788240f6240aac203d71793e11936e5ecdfdbc094dc141201df498f219171a3482d9435c5a477e8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

Filesize
28KB

MD5
795d42f0aa6d6e52fae8798b271074fc

SHA1
cd61db2241226c9ac34e3ced08a704500116dc74

SHA256
68b3376b08333e0b5125cbb757f3799c4f18be08b68795f531011cbeaef99aa1

SHA512
1b64a7ccca442d428e0c9680deeb2b6917f93098fb03b52d1709aced12e72c7d40e4a0b6a8ca7c63fa10afa076c2f75490f08ff9dd53c07d90b013237b373e93

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000064

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000065

Filesize
20KB

MD5
aaba52b707a392f8f6772cdb32637f5e

SHA1
4a7ee36e467b2a8afb2c15a56f0a1890e9c81d5e

SHA256
d9e2a530fab681b6cfc0e7642d7be341e10f7b457c71a174501846d8d9674837

SHA512
d511e83ff363e19c4a54a1ad643d03ca4ec60ff91fcc309bc02cc4f60d14940997378206ec5635c23e9969b221231a6fb2253473d845cf259881feb720a36519

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000066

Filesize
215KB

MD5
d79b35ccf8e6af6714eb612714349097

SHA1
eb3ccc9ed29830df42f3fd129951cb8b791aaf98

SHA256
c8459799169b81fdab64d028a9ebb058ea2d0ad5feb33a11f6a45a54a5ccc365

SHA512
f4be1c1e192a700139d7cff5059af81c0234ed5f032796036a1a4879b032ce4eedd16a121bbf776f17bc84a0012846f467ad48b46db4008841c25b779c7d8f5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006b

Filesize
67KB

MD5
bcfda9afc202574572f0247968812014

SHA1
80f8af2d5d2f978a3969a56256aace20e893fb3f

SHA256
7c970cd163690addf4a69faf5aea65e7f083ca549f75a66d04a73cb793a00f91

SHA512
508ca6011abb2ec4345c3b80bd89979151fee0a0de851f69b7aa06e69c89f6d8c3b6144f2f4715112c896c5b8a3e3e9cd49b05c9b507602d7f0d6b10061b17bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006c

Filesize
20KB

MD5
b07da7aa3e4f363c5cdbc11312239e8c

SHA1
47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8

SHA256
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

SHA512
420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6013bed987cb6db6_0

Filesize
35KB

MD5
397acb05300ba65ac1a9370783958a1e

SHA1
9115f82e319c82ed8ae43c7791771d94a9aad5bf

SHA256
f58a882b2978b8a2b9ac2916611e0f299e5c17c2a447c6b402d99d250101f48f

SHA512
44bbc350cf5fbb79a1fa183bd3d5b9b79f08c93efa125293a553d8624abfa558706bdee1fdecb1b66580967b23035597a00931630864c5e2e26ccc6a8e66b88c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7d401bb92bf199bb_0

Filesize
289B

MD5
d2a96e6347b0ed13027ef57c5a981a07

SHA1
395ef44ec96be914ee3df7bc997499974e19e8cc

SHA256
156de96ddfe90384d19552ca30895c531ea49a8e5e9f823212f3474db6f8779e

SHA512
9916e8249a7cebbe768ab2ac2333f7136a82e16854c963f6b0a2f4322fd5cf85ab8b3d83f58112f1b89048a2a5ca6cfcdf4406b0d0455b885b7d0a7d83da2e4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c436e276d29c9d83_0

Filesize
3KB

MD5
89ae129dcbf522a0a2290d3581f2f17a

SHA1
d824411c12a0b4120a9ac5b778a8689e918a167b

SHA256
d8bd955791cd2c8c07150242ae37f7ab3a24d5119664d7807259972828f04a8e

SHA512
b662dee879018ed4b1ba9104440dd8edcd27745dfd403054d14f13d751a7f7db1c4e9935a2e01ff98097283a79b3598d5962be39966a22359906b8953be37826

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
792B

MD5
964af0f98550ff9f97eb643a774c5e01

SHA1
92b5550021d1c89d328d84e3b0e92afe36ea11da

SHA256
1ec6a5423c7222b508b6c3262906b2fd46e93c1f45d71bc518e982d60a7c8b37

SHA512
080bc8d0a69ef2d23cf63eb6a7cce6324a192917c80ba2b96081e4c4db9f419dc8e97914fafa1477b2a791928f6d0e3e139821737ab157300d435f048a63722e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
32cf11fb91b86922aef8fe87cb1e6d49

SHA1
5f7180da0a832d0b754ab2939b687bf1aef49c2c

SHA256
2216d31b424885adc74e21d9156de5576b6abbad5bcd6de1d91f7453ebc943ab

SHA512
d9a5a33fc8f4ef5b06dfbfdc4fc069cb6ce00c97c94baba9a00ba1d38f2555a769761e0482fdd1efed7309df3706c7547554a6c32928a638c43d5528d0c6f0df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
5a9ef4f1a8b45a13205f85103642f5bb

SHA1
022600d8068b48b9384d93f99055863f95923f67

SHA256
bc6277026a87b1a42911b2d46e9f18ce171c3a350e50c59791a71db48ea08afd

SHA512
2e24e5527e3ccc55d4aa626267efeeea114aa210ba07933da7479e6fab2f4d2a6c5f98694d981514846f375349db2e30349854818368987b9ab1930a42572663

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
10b66f07c24ea5f675dab9553641826a

SHA1
78ca000487eae48fd4b90e8192c4f02f5cb93dd7

SHA256
c16385172f3b300ffe817146b9fe92d50ff6510d81d1f083114d3de0080f0a5c

SHA512
a0cffdf3d59aea2d641574c2145804b38760fbc04f808c564846697ee5a248cd419ffc73f51585fcb22fc461ef4fe114245f40adcb8a18cc9f680bd792e29863

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
898f24d3c54d239eecff0ab6f67bd3ec

SHA1
49a19e61665be603b370299c68849067996e93c0

SHA256
04180f8f4ff5287245d791f1869bf32bec23eff1b5cedfb060e6b863cd53e25e

SHA512
37a539709d6ceabd428f14e38d406abdd1fb1946a57872b1cf813b2a8db89abe33606a556cda7d97301711cf78b23ee605e6befeae0794f5793a64f5a0f5ef5d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
42KB

MD5
bb91d4191e94092bacf65ec7ad1f290e

SHA1
7daa591c17bc3b922923bc60c38f0ab1f5cba613

SHA256
8539d10f330f318e472917831ec1051fed57ef13a132d1c8b459604c12bb8d34

SHA512
c4f45a0d5c1f41ca401f1ecaf8817db0f30b7c3d0ab4dd2c314744ad94d0c0ac647da09c37eab3007251630bf91df2a6176d1673bc558cdfbdc393483647b37e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
09aa3e4c808d3143cb24e8da5917802b

SHA1
1520cc9658d306885b7b86c77f3d74b64ccc33fc

SHA256
fd9b7d9da904a507780be611cb7bc8267fab84045827c422406b86100717886b

SHA512
2ee0251e75e18a5d0449ec4f40b4bc655f2d7781bcd78d9fc795b2fd5b3ae1660bf6857fed76afc89179a096452197dd4e82209da4d36de0a0a41c2b1cc61926

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
a26da4341ec8e3a59f88b3da6f6bd064

SHA1
e689c41eb2c041018ccdf5aeb7349862a1c12365

SHA256
f55d5cdabe7054366b224efa9dc1c534d2846d964da4c2b77307e8a0d64a03e0

SHA512
541bc809eca8cba28b94832f4f872526ed05439bad21f856d9a950847ec8dd08ef6e24fe4aa353cb7ff008d9da557c7942e7b9583156ff2bf4f144a9451fffc6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
40bc7cb425ac84cadf17fdc7e3344920

SHA1
a56ede9bf52742ba062c4f4b206204d6f61dd742

SHA256
a78a6149e949b7bae584ea32602845b46aa6e9acbc8c36bd87222e11fc3a77c0

SHA512
26fd5cb1ff5253962aee1898039f1eab1617a5e7c58846aeb6d442c1b963a64002fe142f60d85049ba74548303bc648949c8c0a08c2d6b6c617780a1aa80a209

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
5d9b8aa811e486fe94e20dfc68e61608

SHA1
05f25edd318e1d4414a422684fc8124877cd433b

SHA256
d38c7d3cfcd290d3156af42d02c4db98a8dfe1bc2da6a1ff1f0b0ff5af9faffc

SHA512
13121cdfb71298ea97738d035cb2850e4764e3abdd1a5d8068e178fd60885e18e9c6744a282c2a811deb474c2c4621d44fe7b9860af62af70206a0ce21af4b5a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
4954a9f671ac1c03893feff800438f2f

SHA1
52a8e65c57a98f2d002f88455804adb1321b1840

SHA256
4dd8a501dfbb0c0fc2ed299a18686dc97e35b2d5bd6e25eaafe01782db0bf8d1

SHA512
aeb99f31c12fcb2e0a80202da9195b06e54b5b858a56572b3089c600720f2d64bdf43565b84ffe419860f9df5d54e8c7f7e4bf14b54c613d32e51f4a983c5c1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d90e20eda0bfe781fd245143b598192d

SHA1
b9e7643bc4f0367366c879a687edcf00eddb6de4

SHA256
ff193bb15c8dbdb0ee5c7d24b933c557a59ecdfea0baee8df3b58022cf23bbab

SHA512
eb1be775c0633bd520f0db790e02bb579ff916e82b1f2eee3188cd85f53a53a0934feafad2cfdef73c47902f5dedc1e1dc10f003b3681d008c35b33031ecac86

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
687eb35fadb601541f0be465857d944e

SHA1
c9e2903df557b75924439f129521abd450e54a92

SHA256
13edc344e7a3f1fc6f858c1a5a7e9ddc75cf886c7721ee7adaf6afaf04b33ecf

SHA512
aae8c4f04bc383641ce9af4d59d3ef1c95df089b0da5a0e79e48fd06026380ab4c0671b8e7b19ec1361af2b65d70ad40ad279c5dda8f5aee34544aced3a40e6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
b2ef8b113bafa52d4c113d5c24327f06

SHA1
f89bd588f9f8c50de2d0ee34a2ef2b0022bbea17

SHA256
20e02d46595159e872f30bcb6733787efa9bacec0db78f2c4023fb710f018734

SHA512
9c95e2cc982e3bac32896002c2290b27d69106986c467c7a6ece5c19aa07b6ad362bffd0085bbbb4105a3aa2d563540deb5e9aec27d863b2399e33aa4a35d879

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
4e065045386c55dbfddea07b1ca9519d

SHA1
d66e4c4f808e18f41d2e4788f070134f646ae353

SHA256
6941a18e300d72c7428f52e3481f29bdb4dd7e1db19845fd7e701ab24e8e768f

SHA512
8bf73bf36b21811ee0b84df9935e2223dd5611f654cd06849cc81786ee785616a42ea224f25ee77a84d4fea1be252e00ba1e0e0e53e27a887abd0e6993181c23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
29cfec601cd0eafddf031cf68884dcb1

SHA1
ad2f9e1126de0850df48233aad658a1ce8b7deb8

SHA256
0c0defbff72ee1c75e3048769e3a866f44c03e5478ca857912cfb96253d30e36

SHA512
3a48f06888808d640af7b779eab194e894982cae9be788c9311dd03676525138e5ff2d865bd8622c0aa89558ad0772dbe6c030fce76b8397284fa22e724f4acf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cac37d3f9efe05aeb24509fe8ef865c0

SHA1
2d2ab048dd0ad21a3d371c72120f27b0debf9ca1

SHA256
00f23e5cb82f7cc160469a75c0ca6ace1952107c26a0354360fa8a9abfa72507

SHA512
8d4de71cc9030dcad83f6c564d8ece297fd88aac26481257932d0f8fc1e4cc5e6d7eeb01e8114698a9b7a9955ace70c15cb340e86affebf818eda70cc27012c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
457b155fc0c11a87b7e37b062612247e

SHA1
0dd6787662021edcb6c9e3e4d1375e7c56dc5cdb

SHA256
f64935f72a36b6d8bb1f140e72f7510238841c515bfd879a6e08a463dd020076

SHA512
1ee80473e2aca29015f68cf193f96306c2e652280994aaf10095c8ddc21f549ea121fe2219be97ed73531b93db016d8fa2b5fefb6f43c3e88ce3e13b2d02cfb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
583a8b56eb2e4653c1dad5bc6c9115a7

SHA1
405cd76997943332df6a535c34e0941988172aef

SHA256
2be0b6c100d3a056eeb9181887f29965270eb39e0a88819504fdf2f2f5ce8e19

SHA512
a21f5b3396e05691e5a1f6599a8865de596c87db58e83cffe9c6665632693074c9cbc2120295dce08263bac21382500a5389c4b29485be73c1ca7d7022e469fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
63bee7ecd64f9d84f40d33ff838e3106

SHA1
dc5cd03b40b49d1b3ad9a8ea0564469961a1c35e

SHA256
425c048bf5eead1557bee6086980e01554763b5b9cb8d1912f093932f72ad83d

SHA512
245f57a69525a8ed5eac84a207ce747c2aeb63ca8a3a22fb45598f5ee2e875f842aaac8ee3c5da1cdf5c6fd10762289a1813e7e9d8f35993b990fff8536f17d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
1acbde4f7e11b7af3f23c586bcfe0b1b

SHA1
316eaf5fd9161e3013013737bbd7888491280f26

SHA256
1d1663e97b307ca1ad9a5783e5dbff75e9d3476581bd8ac50af2ae900eeb59ca

SHA512
32a61bdef272d39a1461cadec13698e7ecd64885d0f23a38d4ec121226ad3224ba5dec02702fff617d97b12d8f2ef9dd2674f73d436524d27e9151a0fc989290

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ce0e8b5eea2f94819e28281976006716

SHA1
f830df2b32ad74c17eec63e3badfacf5d0e3ffac

SHA256
6e7309f0de33c5000b9ab1593c2fe9cd333d51eb202240672923e92d5fe8a692

SHA512
0ffda37bc1b6dacfc6c60fa60bba829ea2f3d9fd4b39bc0fca76f0ec56850d48940b05b9b063d445600ed6bbd2e285336a079c61862129d342289bf5ec4a6296

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
781b34f4ee7573d60252a96e23a2c75e

SHA1
94a382e71c1b9380e18c020ed2a05244bef7ab52

SHA256
2e4f5bfd01f468d902c8fb6d8a7a564d274af6c8c308b445bfdb64da3556ecb0

SHA512
51ac173991f997c9cacbfdde1e7d8e9d0a4e67d6a42080787bce5264d8369ba28a20a79fe3a463af6172aaf27b3ed71f45197131cce1c98a5dae09a3edbd07ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
4cac801d90b4290cdaea2514ec0ebde7

SHA1
dfd4759912b39f3f2e98ff4d6828e973b67d7307

SHA256
bcd47e94e7e06d561fa89d1464b7c3c4228e61b5a4649197ed9ef8bb3ee9f3fd

SHA512
819a297450d6815da54fe047c1a82c0568a52a2940aff60c04b958f4704aef3a738aec33c4bfe9da3d7a0fd36a6293c7356392e7d937f569610775ac02652cee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d2b6c41c98347841f839a129b3425927

SHA1
e2fdc0d7e15abe386ba3d08e1592a3a5e734d913

SHA256
e39af186bff4944baa88b36333c2116aaf6d03a5eb3005216d64a86410287490

SHA512
04eac1bf62481aec6010145ea24e0d86274acd08e4f14cd5015cc8b03970ba43a254b979e79f5e71361bb5e8aefcb5a3788930741608548510caadf6b5c9ece0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
1db2d2c962011d91ec87641c7f5dafc4

SHA1
3a68d0260dc624674e6c04a8ea95ebd91930febf

SHA256
ebe29f5b24adf507d3991addbfeb888d00b0a4bd164d722711fc014491d8989f

SHA512
337edb558ae487f2e4d2f398e4143c29c68649b19e06ad0dd536ef653e13e6317d7af4e9d4146462b0f7347fe26493a437f9a9a87365f2a0da13e49ca83fe272

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
c7daab38b964dfbaf251fb52dbd408cf

SHA1
11120bde1ea124e0c9fe5bb44bf620c38c3177c4

SHA256
1e03c5938b70ad8cf9352c8d41eb38f7c706476c84d41853339e38c54ad87306

SHA512
b40c5afb120c0dac18646abd631231950321a8f4115d8f10482452d033086e1cacbe7dc08c66c7ba447257061db6b74f58e5dd29c0c54f0e4295a73d45f77c30

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
020cfea50c7b9b8bc6cb1e83f03463a3

SHA1
be90c651a10402a39924c9b5622e52ee622cb130

SHA256
9a54f5c46834029735c06c0cded94cbebf3caa36c237b5db3f444d1d0d69a61b

SHA512
edcc6faeedb9af6c2648a35d7d2579111cceb29a2e1eeb63eaba7eb22e9ac39dfbdac36b3118e66eb8989d1ad56054e868aa4083030b4113cf1f688ee8c21f61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
116KB

MD5
8d8e2649e9b447f76a4114d66b7a4ed2

SHA1
7582a68f1abd432199b726412d721a3ad14b3317

SHA256
b421af82800b4af530e994558df46e682bade555bc6d599d2346715057af38d1

SHA512
bb96d4b40c8afbdfd28ff58542a62b96efe969cad0379aa7c1a4797e2fedbb65b21a5bad7d91bbeb1171d39bf3d2a5239f08e96093bcd27e9d773a5e00366657

Download Submit
C:\Users\Admin\Downloads\HVNC Beta1.rar

Filesize
2.8MB

MD5
6a04bd56dd8b58fe9890cc67f0eecf28

SHA1
89161e0e30f4bcbd9e29a312a1988cabfed8c702

SHA256
70fe8d7025a72d3bf71dc42d9487f0e6ce536241afd06a9c3e3ca9ccc27abcce

SHA512
0a8b4eb044936f8303a1efb37fa696cb0fdfded6196d79ef96db8f8f8c31ebe68d15e53538ca41c5a386502adb674620bf86ea23e96dec401ed553bcc5b718c3

Download Submit