fc5bca3c384922d0d27ba63e56e22c4463206cbbf90ee50a115e644278837420

max time kernel
139s
max time network
153s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20250113-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250113-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
18/01/2025, 15:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Знімок екрана 2025-01-17 164150.png
Size

89KB
MD5

bc6ca19d49bf9037ac632b050e2c7b36
SHA1

3505656078d7dab8cb4e8a0987113d7d146d9cde
SHA256

fc5bca3c384922d0d27ba63e56e22c4463206cbbf90ee50a115e644278837420
SHA512

9ab597c0d067c7ce438ab8e0d7d554124612b85a4e66640e979677866f9dfde48489c33120e75ec902fc6bc85b3616cbd53bf6e9d03457ebc1f4d20e25cd9f4d
SSDEEP

1536:zgmr9TL/IDgOTLEU3uaMSnu2YsA3DNq3EcUfeEoCTWoOkS00zsRh3XY3/+hAOAf:8mr9TCTxrANot6eEzq7kS0dXY3sAf

Score

8^/10

microsoft discovery motw phishing

Malware Config

Signatures

Downloads MZ/PE file

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-2449540194-3226363261-2578591490-1000\Control Panel\International\Geo\Nation	cmd.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc
534	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html

Detected potential entity reuse from brand MICROSOFT.
phishing microsoft

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Debug\WIA\wiatrace.log	mspaint.exe
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133816871060067157"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2449540194-3226363261-2578591490-1000_Classes\Local Settings	cmd.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1580	mspaint.exe
1580	mspaint.exe
3944	chrome.exe
3944	chrome.exe
7572	chrome.exe
7572	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 63 IoCs

pid	Process
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe
Token: SeShutdownPrivilege	3944	chrome.exe
Token: SeCreatePagefilePrivilege	3944	chrome.exe

Suspicious use of FindShellTrayWindow 33 IoCs

pid	Process
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe
3944	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1580	mspaint.exe
1580	mspaint.exe
1580	mspaint.exe
1580	mspaint.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3236 wrote to memory of 1580	3236	cmd.exe	83
PID 3236 wrote to memory of 1580	3236	cmd.exe	83
PID 3944 wrote to memory of 1880	3944	chrome.exe	91
PID 3944 wrote to memory of 1880	3944	chrome.exe	91
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 672	3944	chrome.exe	92
PID 3944 wrote to memory of 944	3944	chrome.exe	93
PID 3944 wrote to memory of 944	3944	chrome.exe	93
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94
PID 3944 wrote to memory of 1204	3944	chrome.exe	94

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Знімок екрана 2025-01-17 164150.png"
1⤵
- Checks computer location settings
- Modifies registry class
- Suspicious use of WriteProcessMemory
PID:3236
- C:\Windows\system32\mspaint.exe
  "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\Знімок екрана 2025-01-17 164150.png"
  2⤵
  - Drops file in Windows directory
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:1580

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
1⤵
PID:1408

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x220,0x224,0x228,0x1fc,0x22c,0x7ffcdd06cc40,0x7ffcdd06cc4c,0x7ffcdd06cc58
  2⤵
  PID:1880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2136,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1868,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2316,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=2480 /prefetch:8
  2⤵
  PID:1204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3148,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=3156 /prefetch:1
  2⤵
  PID:2644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=3344 /prefetch:1
  2⤵
  PID:4900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3664,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4684,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4672 /prefetch:8
  2⤵
  PID:400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5000,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4996 /prefetch:8
  2⤵
  PID:3992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4908,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --instant-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5084,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=3188 /prefetch:1
  2⤵
  PID:1792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3544,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4544 /prefetch:1
  2⤵
  PID:3792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4564,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4608 /prefetch:8
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5284,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5396 /prefetch:8
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5280,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5196 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=1168,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5416 /prefetch:1
  2⤵
  PID:2192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5516,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5752,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5736 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5676,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5744 /prefetch:1
  2⤵
  PID:4792
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5536,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5840 /prefetch:1
  2⤵
  PID:964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5772,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:3068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6032,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=5944 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6020,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=6160,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=6476,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=6420 /prefetch:1
  2⤵
  PID:2568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6856,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7100 /prefetch:1
  2⤵
  PID:1956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=6788,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=6764 /prefetch:1
  2⤵
  PID:776
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6784,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7056 /prefetch:1
  2⤵
  PID:1924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6932,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=6912 /prefetch:1
  2⤵
  PID:4316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6880,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7264 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=7436,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7448 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7556,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7592 /prefetch:1
  2⤵
  PID:3672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7584,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7720 /prefetch:1
  2⤵
  PID:3456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7872,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=7248 /prefetch:1
  2⤵
  PID:1340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=7856,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8016 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7972,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8156 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=8248,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8268 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8296,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8412 /prefetch:1
  2⤵
  PID:4368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=8540,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8556 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=8576,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8704 /prefetch:1
  2⤵
  PID:2968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=8564,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=8844 /prefetch:1
  2⤵
  PID:2980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=9052,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9088 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=9028,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9180 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=9376,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9372 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=9204,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9464 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=9592,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9616 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=9628,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9756 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=9776,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9896 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=10136,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10032 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=10220,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=4384 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=10096,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10324 /prefetch:1
  2⤵
  PID:5568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=10844,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10868 /prefetch:8
  2⤵
  PID:6004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=11004,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10996 /prefetch:8
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=11196,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10856 /prefetch:1
  2⤵
  PID:6088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=11280,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=11204 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=10104,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10200 /prefetch:1
  2⤵
  PID:6184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=10740,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=10728 /prefetch:1
  2⤵
  PID:6272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=11692,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=11476 /prefetch:1
  2⤵
  PID:6280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=11352,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=11844 /prefetch:1
  2⤵
  PID:6380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=12000,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=11724 /prefetch:1
  2⤵
  PID:6444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=12008,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12012 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=12268,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12132 /prefetch:1
  2⤵
  PID:6552
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=12440,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12408 /prefetch:1
  2⤵
  PID:6616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=12452,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12572 /prefetch:1
  2⤵
  PID:6624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=12596,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12716 /prefetch:1
  2⤵
  PID:6632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=10892,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12852 /prefetch:1
  2⤵
  PID:6640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=12888,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12896 /prefetch:1
  2⤵
  PID:6648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=12996,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13144 /prefetch:1
  2⤵
  PID:6656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=13280,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13288 /prefetch:1
  2⤵
  PID:6664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=13432,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13316 /prefetch:1
  2⤵
  PID:6672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=13460,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13588 /prefetch:1
  2⤵
  PID:6680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=13600,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13724 /prefetch:1
  2⤵
  PID:6688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=13564,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=13472 /prefetch:1
  2⤵
  PID:6696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=12724,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12164 /prefetch:1
  2⤵
  PID:7152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=14128,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=14148 /prefetch:1
  2⤵
  PID:7228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=10068,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=9892 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=12148,i,8574438889930560164,397081397023979060,262144 --variations-seed-version=20250112-180253.846000 --mojo-platform-channel-handle=12272 /prefetch:8
  2⤵
  PID:7792

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:2600

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1452

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:8184

C:\Users\Admin\Downloads\OperaSetup.exe
"C:\Users\Admin\Downloads\OperaSetup.exe"
1⤵
PID:6048
- C:\Users\Admin\AppData\Local\Temp\7zS0A7C88D9\setup.exe
  C:\Users\Admin\AppData\Local\Temp\7zS0A7C88D9\setup.exe --server-tracking-blob=MDEzZWE1ZDVhNWFiN2M2NGQ3MGExYWVlZTA1ODg0NDVkOWYyOTIyMGU1ZTIwMmYxNWY4NjI3MTRiNThkNzI5ZDp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL2dzLWF1dG8tY2xpY2tlci5lbi5zb2Z0b25pYy5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYVNldHVwLmV4ZSIsInByb2R1Y3QiOiJvcGVyYSIsInF1ZXJ5IjoiL29wZXJhL3N0YWJsZS93aW5kb3dzP3V0bV9zb3VyY2U9c29mdG9uaWMmdXRtX2NvbnRlbnQ9TURGX1BCJnV0bV9tZWRpdW09YXBiJnV0bV9jYW1wYWlnbj1DUElfV0lOX1JUQiIsInRpbWVzdGFtcCI6IjE3MzcyMTM2MTkuNjAxMCIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6IkNQSV9XSU5fUlRCIiwiY29udGVudCI6Ik1ERl9QQiIsIm1lZGl1bSI6ImFwYiIsInNvdXJjZSI6InNvZnRvbmljIn0sInV1aWQiOiI1NzI1NmZjMC1kMzA3LTRhOTgtOWJkYi1lODJjYWZjODZmMTYifQ==
  2⤵
  PID:6788
- - C:\Users\Admin\AppData\Local\Temp\7zS0A7C88D9\setup.exe
    C:\Users\Admin\AppData\Local\Temp\7zS0A7C88D9\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector-2.opera.com/ --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktop --annotation=ver=116.0.5366.35 --initial-client-data=0x338,0x33c,0x340,0x314,0x344,0x7463cf0c,0x7463cf18,0x7463cf24
    3⤵
    PID:6024
- - C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\.opera\Opera Installer Temp\setup.exe" --version
    3⤵
    PID:1740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
34KB

MD5
262bca5a6c0e7c828a9a54a73979ba20

SHA1
9c8952dcb7d9f95054aa067e912df6ea876c9512

SHA256
b3efcabdb296f5536beefb6c7f8af444e291ee87396bb6969966abeaf945cd1f

SHA512
e44c6fce5dd33b6b0bf7d72b630e9e76efa415dd09af60b14e3ed7ac0ceb6694e5471bc24e25d10e0249800586d1ac8772680670d0424a09efe3cabe2aa6ee66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
59KB

MD5
8b34dc6963cfbb1cc9d219f31a4167ac

SHA1
24030731a30011bc21b7fac9223cf4275642d6d2

SHA256
b1ac0213bccf35f622c531faee94d839828b0131d07b2a740e279694a2759c49

SHA512
0082e9e9b0615256b2365c535faf75d3f3d1a4fdee6bd5b899e90b2c39ad4dc42e7382af9159cbcb8bd93df8975eb67343963637794db3b41b47a8e0a04809a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
35KB

MD5
a5d5b755b35689cec5ae57773c21dddf

SHA1
9ba8b60db5e24730e95432b2a6ba4008ce9f379e

SHA256
16d31145b521e491174ee50706031123df8db200ec2672427a301f523360168a

SHA512
7aa5bd8ca3b710918a03d3a7b1b1ec113262b18e69bdde1ab843121b1bc0e1c1338ae776adc4b5b5b5095c8f8fea348d0e9cea579c81175334a3a94f85f60a6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
66KB

MD5
8a3412eb72b99897560919845bddd9d6

SHA1
0aaa523fc31a6da7da894dcd2ebd0770b10963a3

SHA256
66768c07882d78be332c128162d0fe462450159ad166affd54314f283596c011

SHA512
1ad71bbfc9731623d0d3d3176f300d6a63830f22dd033fe2060cf810de7992519ee7b7705f6f96e711c7bdd6b947c24e3ee6e26810fa05121d63fd71a4f7555f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
176KB

MD5
a47c916536bd64c9280a5291340c06bb

SHA1
404f8674779577324f1a4c7b28dd61871c5de418

SHA256
459a66ce8d5dc288ae8c138a632305d021ab8afd9f9bd8e589b3d6976da2adf7

SHA512
3ec422d7700710e155404d7c406d0d74bb575661e04c2b9356ee75f6dd89faa9c495457184b8f00149c7126002931ad323193bc083e372a3ef2c7e2aa6c9756b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000040

Filesize
215KB

MD5
d474ec7f8d58a66420b6daa0893a4874

SHA1
4314642571493ba983748556d0e76ec6704da211

SHA256
553a19b6f44f125d9594c02231e4217e9d74d92b7065dc996d92f1e53f6bcb69

SHA512
344062d1be40db095abb7392b047b16f33ea3043158690cf66a2fa554aa2db79c4aa68de1308f1eddf6b9140b9ac5de70aad960b4e8e8b91f105213c4aace348

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

Filesize
66KB

MD5
06702fdff4205590c1caa29b580e9620

SHA1
966017a8f488ddc3707f7d2c22a6c7eb51f58f29

SHA256
7586590346cdb9520dc3cf7131e5662b3c4407d2624ec22dd0e1c1eb9725ce36

SHA512
7c39333eb130eba6c9f57c50b8b6fbebf90c3cd49bbd7a967c6d31f7b997ea085770b84caf4ae2d984898a445535a20777c671e382e2da01e21e1c40248d322d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
670a359a759871e98faa1545440fc1d8

SHA1
e8674b1e19c65302a7b1aee70003c2bc7a66e11e

SHA256
d931511cca3b86e4ae98922a294d925accd5edb3b49d68ae92bcd27ce07cc54f

SHA512
f21d0c64fa91d8f506301080a140b7652a273891b6f0088419e9e2c1a10090d90c02e44b1da4283e4ae7c0dd4742de8b90344dae694a0113ea73b27fb69a1098

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
29KB

MD5
792483d87c3a4da85f1ee3f676ccf51e

SHA1
5ba3aba89ff24c9364afcc94b9bb9f4487e73099

SHA256
2591841171e190904b2df3653eb107b17d486d97aca33507e8919c52023c765e

SHA512
661142bec15464b77da5b0aaa4c340298ec491208c0e5da27c98021780892ed1e85dd8629c5e852e424cbd01155936335cfdb73c692fb139338299d0fa4e5aa1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
5bb4471d1874763680d233d2439688af

SHA1
1c3c61f19c2538500a299059e79c47f132045554

SHA256
4ce0a4eacd7ae44020d06725c1b0db0c247249c884dc605c756bd251260683f4

SHA512
2b2880d0c6c9ab8791616b6bf6e29340e9908dd038aaa55ec3c9f86a7f9249429a05d8ed1cdd32af7c86e1b5d880e3dd4607f21ea4cf445470315b8d3acf6263

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2b8f4a60fac5ba207d2eb217f3703308

SHA1
be81b3977e334c83655855193bd242c331b4660d

SHA256
2d02aa35e460f3a5fcabe9b18eae5805cb0546a65108ae00cf09170963facd13

SHA512
0ead66f25d1b331cae31cfdaa7bbc59fe4abd3984ab8a20b96e50219b96ff39f95bc766983aa279583420d2d6eb8174ad2618e59e3df5da082df616462eea6dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
17feb771887087513bd6c6e97382b3e5

SHA1
61b09421e90775a08ff442ae6d4a920129b2b93c

SHA256
02ca25381bc902b6a19662a3ed7becf177cd6b27f975f588518a9f0dfbec09f8

SHA512
7d9c471e56b47d8e37649ff58efeac067ba61fbb37e0a94f85f82431eee0f1810c3c7e5001e4b3bb7321151b43010f9fb008f9e1bbba768aafbc64aef7fc036e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
b044f3b73b14cf68e37994d34d6252de

SHA1
ff2581f99a717ab83c3389a3fd9307ae664876ae

SHA256
4b3851ab862701c1b1d6243ea4300401aa9df667edc251cfdd8d832bfe48c576

SHA512
539c61943d76ee5d9bdc83171242048af53c3eff8cf25e18b221a70508fc289e5bedfa06679f2ede60b97144dc155ccce5ae80e71b12b5fa78e3af06b7129fff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
c84c84b5ade3dda4a32f33cccc6a52a9

SHA1
5b691b459c3cea30bb92694aaadd316068ef45e4

SHA256
76a1a3c19479cd674ffa6b528d32a20f0891b102b2c12469de61ca240ed3dd7e

SHA512
5326f332fe8670eb68a499a823fbab94e676edf70f1bc440a325d5fff30565061f182995af8791bf974f49a8f3a1f4e760dad4142bef247686f91466442b3c26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
49ee156b271054015383a30c1f5816ff

SHA1
ae1394ee7687a105c120abdcded01fc250e89422

SHA256
c1af083b5acab39c7ac4ecfa46b90729f4018265ca6f146cc0850e3ddaddb0f8

SHA512
10fbaa9c962b01c3c97ad65a2d08253c50108ea3906a979f0fb7602f6b030e929ddc8c7a3673b0b9c48254184793ef18ad0ec276d0b8f3a9c37038fa025ba3a5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
58d5e995f82db6fc0897566c6ee2920a

SHA1
264c6368eb6b20c6658e44a2fe741b8e02836d10

SHA256
118e96926d4251642daeae7974acc55c2c7e00f821d9b8d769e623ab4eec57ac

SHA512
ec0c321521556ba015d58ac194ac3b7b7c5df748504b6161122712a940d8eaafb7eb6deb2b87b873256fa337ff20db96c6fee327fc37832335f5abfef761b421

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
930b1cec9aa065d8b00d1cd8f9a83228

SHA1
cbbf870f9d1a92717a51fcc407258c79852ae2ad

SHA256
391699f35ed092dd97c25df6259d6b1e8a2ac9c2237f40b0d15e22593400334d

SHA512
537e77db1c3342de1c1aea6391206de5d7164433a98cfdcedd7fc91fe971764ba13f09f3ac8650afa2bce98d094280a5081f7a33807b29949385f8eb05f5d2f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
7fac194b6d5b58dddb1020016912a96f

SHA1
6189e1d06243ef37ecaa97d15742062336f8533a

SHA256
af995214c5f431028b7385958b633dd4ad1cee1f280c9b8cb1e09f188e060632

SHA512
f8dcb5420283d4efacd81c973b9750419b56bd2f370542322ce47e05b4a538fad53a00fef056967e2732cf4702e3188f95c09becb50d4ef488a9cfccf0691bf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
d6d58a2e4263bd6682ad731db84951ce

SHA1
680c0ef6ca58cb5f0a24521c671338855691e134

SHA256
a3a7b5cedb23d489f223b68574d3ec51ce949bb5fb200658456ac42f3d3356ef

SHA512
e48698a3eb7c3fa803926c395127d811f7abd109790ab92d08879dcddd8e3d32a71bf4bf967c469df86eae93fe9adaa8b1b475cda9dec483f23674ca7bdf669d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
522B

MD5
35e5321a1af6dd2409f02e2330c4731b

SHA1
b2af14eb99cd6eb2ccdf792d0f742175cf134ea4

SHA256
6ef0ecdfc813dc50688f1fda4f04409b7c54e1fca6dd3aa28f3795ce2df4676f

SHA512
8f125864f2aedd64b879c5226a42b802b520a20a9a63534a328c0295aaea81a44b6d16214a4cc9c57af9ab303486043fb7fc1eccdbea9ccd6fa2145f7b1f7f99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e6551d6e446319324510576e5484e262

SHA1
bb5321a5cc2e7ce5995ab6f2587083c85a34ea57

SHA256
f5d3ff5e3b85d7ce29b33b94bf778d7ba87a0128d421e6d854f64cf847b46387

SHA512
ad4f97b792ddb4d25c47df3705744821430e5916a3a00b5b5322e417c8aa009d04b2548da2e7b492f0b4096d87f4088453069b120cb11cfddc345921dfa33003

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
b81b201df513a419bb6e33a7bb122715

SHA1
975b5e137749ffe102f5c0d5b2b3e1ab4aa3094a

SHA256
11c2fdfe0ef69a77f43a6f68bb4f8e0b257f4cbad6e791e2cc93fe73f0b4f228

SHA512
ef03fd16369c93ae5229aa4f97e77bf2d1ce1c7db5a39561fff8faf5d713271e9e424f23e9494414b7239b1dc9f0be7bb16872d47192940e00b376621572dfee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
b7948ffe7d6120d10499f72a3b953013

SHA1
5d4f7138c5a74f3ae88e28c22a1d085896ce6a30

SHA256
24312150b42be4d7eace757159f7ca2be9ce9de5eb465122806022b82055dc4b

SHA512
b6fa23d3416220832c2a83cc7a0b426403c712e7ca8b1e0af11d20f7345f6d166fc4e4a255d108abe91c64099cf68e9bbc820b0fc27511bfcc936565b5d87fc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7e02fadf2895e4a7a9dc3bedc4a0d655

SHA1
fb6aa7cefab561f2c6998dd5b3d4574424c8fd8e

SHA256
23df62624d8c37f3cb10510de014b82f0125e4d5756f9be49b1e50de018f84e3

SHA512
b304ee6d792cd36f2d83378056ae29a6fbab5793089fee2cbdfe1266650079bc82238672ad55b2119a41705888dc206330b8403e15341432d9d3624ca9d2d1b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ce8bc80667182483590829b740a79eb9

SHA1
65148794eb178ee546773c662c2ec0016a947ccb

SHA256
033912b0466ae7723a750791a9a47daa72835a733361b9720c2c5baaa2f7f18b

SHA512
2e510c302e68fdd666e0edb0625f8d722d7cf33c0569ef10dae055109e9ee8a15e27cb2af8172d41deb0efc57d2d873a076509a8430d158be7b33b32ac30f837

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8db66055d181d52ae8b498e036bd9e15

SHA1
988431ae35353d366e281cc5b7840e7bbac660cc

SHA256
e934e640d9c81c8888b67688a0313530febe53e41cee01a6ef297d0dbc259644

SHA512
fcd6acf6db5094a874e0cb0cffdb272933f16121c524027bc91522885ede8751e8272658f963ef2d942a3658bd7f009a8679c2f75445eb7c17054d17a93c91f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
67c8cc3831d18978d98cfe3dcd9393ec

SHA1
aaae3e252eec744a6ca17bb36a6dbffe08793747

SHA256
bc4af0fc21762fa86506bbdb52cfec29d9111d7564a6ca70a02c242e7f6d771a

SHA512
1de3d072fdc9039fdb51abb5902243cedd18869312b5997c3aae6ff519d1f541ba8be4448a8b844d079d2ecb5bcb287e95ab35b5acf126779aa75cd935a2eea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
53bf1ae8c5f1c88d3c1e28f8b873038c

SHA1
e0fff06aa9b8cdc4415d82e6d2c97096afb135c9

SHA256
8f08e4d1ab8780b3f71b30ba39adb6ff7cae5ac7144d9c4a6cd5fe1fb907f724

SHA512
79f53bdd6fe65ba73a15d5b953b047806c135de0e85fefc525fa73090c1cd0b904889ba44d418beca07c888c1df30b8bcb0c3d6c464137f21cd35acf9e212a4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e29499c6fb4a3493f7455286260d29ee

SHA1
e14a05fedc1c6b14b4a62891600fdf03a17ad7ff

SHA256
5ef069eb0aab37e118b1f95378f27956593b9a63bc58b4d8d221de90a33b14e9

SHA512
6dc5819de870dafc7da8801d55ff8f565bb83ab836a117c4582e487edd1bdf8f9ae6ffab24a1d4b83c8707319f3c293e914d6a2b68efadcdf8058f13e85f5554

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
de4c9fcee8998b434f7fc6c074fb9fc4

SHA1
cef71de3432edf8dbc7941e2c843369480526be8

SHA256
29679370782be302b7dad1d522bfe902a73b2f86a4faa1c415566ee8b14bd9c3

SHA512
95dfa831019936a998bb08bb8fea5523990758cdcf7ebf92edb0d405999bda747ad72594c468d1efd4106b696f0b7ddeed1ce877fe556f3e108d73d3ccd1a050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
cb4c2fdab8c1affdeeec9e08d97199d4

SHA1
acf16ac8ae3ac632a182d587f0c617f0699a33d8

SHA256
5321aeea039bf271af0d2e5796dd13a1640213f2305726add8bb2caaab566aa2

SHA512
5c85a487d4e26f67816979ab51709455d72cb9b595f3bb8d223000c3c4c9f7f385e99e682f5b9ed9b254d04c308d8307703522889a98b36fb997d2ca969920e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
93aad1aeb05d27961d14f57a594da9dd

SHA1
72367535ae5f63889bfbd5e1350d9201f1a97e5d

SHA256
0734a9e2c8819bbb5654a9f55c992a7aacba9a384de53c4a9f11b7de4e742637

SHA512
7fbd3f2e399dd5d7f44ff70c41de896250b26aa40bbea10b654f16513829ba4f29e4c1255580157d2026b7ad49e695e90a30644164a49c83d2560f6011444bcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
d14381eb27c9ea7f335b390ad4d9bc1f

SHA1
b946c649d65c55152c659f2199e2d601493e63cb

SHA256
fcc48a3c40aa6fde26d4f669a33b5404874d517061929ad391b3c2fd35b4e473

SHA512
55a12ffb314dd8178bc8127cea7c4292c3773625e70f6baf4c3794e0cf55d80aecafef42c28158aad5b07e2ea8cf2dd63a49098989fcb80fbc27d43113ca402e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
f286074cc857b5c1b4c94b746f4161ce

SHA1
5a4f92fb1dac71d3958d95f24d6170c5e7f5613d

SHA256
8b7c3b904df7661bc01b1cf2185da228ce3210fc4e0ee351600b8a13cfddb54e

SHA512
500ae0ef738924a5c105b455b0c1383bf33c91f06364f014aab01adce81732e4a9bc3aaa28944e21dc1fc1f49dee307961151a0fd86d7fb4921cce4f5ceb233f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
5945ec7738caf3a90cf43ee14005dc91

SHA1
02589352a535958e0057dde8b82968ada672299f

SHA256
4fa6441227e45cdfc03e5e935dacb61161a35dead256de2551cd034bc539ba33

SHA512
9726212a8505ee43cbe71ca902e829ef618d413936180a873376e27fa35fec2d8ee74f91c2e80156480bf25ef7d630a3f7686b831ca453735943a94229e5bb5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
23a9bf2bf893611f1e3499be0e641038

SHA1
b2306b583d1d39f5efffc17d50fb47aecdf7012f

SHA256
4f0d3a8687ae626b53f4bdc953bf10c74401d3791db70b14810928b564e3cc2c

SHA512
40761a87c9e30d119adf68a8aaad2333fb5da9d3e3fbb40a52bda982740980e4729d2e85aa94fde7272d490e8d8142dc3296d27002650a09aaedc8d4ebb94d66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
930ebf4906f6acae321ee49332be1873

SHA1
165d9785b9ad041ce74f21ada8df8b2be716392a

SHA256
1022589b6a6fc50d8a218c4be37ef193f1e8fb62fe2b63217405326bcccdf680

SHA512
86895364e7baad2c099a1f5a328ad798406855f63fa4b1a460dc1d827d658993d57f3b055a18b25ee9c6c445de93b3c0645d19cb7e4d4d1a830a73bb9d243b51

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
233KB

MD5
59b8716663f6f619442e658688802427

SHA1
9815348acd7df5ba72f5228a5d3b7f636ea4743c

SHA256
8acf74f48cf8044e76f3d9ab1846c961999d46e3d8b77c31ac372972955f13f0

SHA512
56a89a8163770451877c5d1fcc89f15b95cbda483dadfeaa2b289f23c7354081c14c72cbea93b9788f4ee4a1b5176ac423fa109dec18f52b2cdaa9abe6f9492d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
233KB

MD5
aa3f073b818faa0209e79b0c57b2ac33

SHA1
574bc2a838616303c5f9f10ed26759da1364a9d1

SHA256
90719dea30c8efb949305a90a78b7f3b06ea6f31f46bc6db0fd014797dacc62e

SHA512
fe89caaf11bbe31963ff0e0721bf38c3c1890147f6e2635a85f8691682282803e3def3fafdb5a84100c6183cfda0a9cd2d92abf0d72615af3ab6da9b6b038c4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
233KB

MD5
9e19a2553178f6cf7e55a26add81d9ad

SHA1
da00bfc1a2196e513d4460028ac8d454f4e95814

SHA256
dd7076d57976f27336136d3197584a22d0f71cae017440c58e4174882e0078d6

SHA512
ce39549eefb917a192a41796982af317e7daefd69bebd509739835b88aa8a57daecd129ce444ebf07cd6f2db73fb3a921402f5548bd1a30fc806d5dbbb8c8034

Download Submit
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2501181520318526024.dll

Filesize
5.0MB

MD5
6f809bbbe1275e1e71427ff63165fcff

SHA1
c2a1726e038fbf7c583b0bb5faac91829dac7ba8

SHA256
51d12738523cabf3b96b9bed29ff882a36233a59c97a01e691552c547f0d733e

SHA512
dad32cfc4d04540c00d5f184c2c1d9b96b391acf563818490426f5e6051722a81a8f35e73142d79599c2c557fc78de5680481c1b47749bcda99148cbd273c2a0

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit