hxxp://taskbarx[.]org

Analysis

max time kernel
482s
max time network
488s
platform
windows11-21h2_x64
resource
win11-20250313-en
resource tags

arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
submitted
26/03/2025, 20:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://taskbarx.org

Score

6^/10

discovery motw phishing

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs

Web Service

T1102

flow	ioc
108	camo.githubusercontent.com
159	raw.githubusercontent.com
7	raw.githubusercontent.com
10	camo.githubusercontent.com
104	camo.githubusercontent.com
105	camo.githubusercontent.com
106	camo.githubusercontent.com
107	camo.githubusercontent.com

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
374	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	3120	chrome.exe

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133874941144570561"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\NodeSlot = "5"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\MRUListEx = ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\1	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0 = 200000001a00eebbfe23000010009bee837d4422704eb1f55393042af1e400000000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\1 = 50003100000000007a5acaa21000616d2d4554003c0009000400efbe7a5acaa27a5acaa22e0000000ab2020000001c0000000000000000000000000000005b8d460061006d002d0045005400000014000000	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 = 60003100000000007a5acaa210004150507e312e50554200480009000400efbe7a5acaa27a5acaa22e0000000fb20200000010000000000000000000000000000000d72a44006100700070002e007000750062006c00690073006800000018000000	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\1\MRUListEx = ffffffff	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\MRUListEx = 00000000ffffffff	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Generic"	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	chrome.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\SniffedFolderType = "Downloads"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	chrome.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	chrome.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-976934595-4290022905-4081117292-1000\{CE095437-483A-4842-A0A7-B45213448071}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-620072444-2846605723-1118207114-1642104096-81213792-2370344205-2712285428	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-976934595-4290022905-4081117292-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	chrome.exe

NTFS ADS 3 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\TaskbarX_1.7.8.0_x64.zip:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\Elite.apk:Zone.Identifier	chrome.exe
File opened for modification	C:\Users\Admin\Downloads\com-soft24hours-dictionaries-dictionary24-16001014-50888794-a78f4c3ba940ecbeed3af47188762410.apk:Zone.Identifier	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
4140	chrome.exe
4140	chrome.exe
1532	TaskbarX.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1348	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe
Token: SeShutdownPrivilege	1224	chrome.exe
Token: SeCreatePagefilePrivilege	1224	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1532	TaskbarX.exe
1532	TaskbarX.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe

Suspicious use of SendNotifyMessage 23 IoCs

pid	Process
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1224	chrome.exe
1532	TaskbarX.exe
1532	TaskbarX.exe
1532	TaskbarX.exe

Suspicious use of SetWindowsHookEx 13 IoCs

pid	Process
5744	chrome.exe
4568	chrome.exe
2436	chrome.exe
2556	chrome.exe
2556	chrome.exe
2556	chrome.exe
1348	chrome.exe
1348	chrome.exe
1348	chrome.exe
1348	chrome.exe
1348	chrome.exe
760	chrome.exe
6024	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1224 wrote to memory of 1548	1224	chrome.exe	78
PID 1224 wrote to memory of 1548	1224	chrome.exe	78
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 1540	1224	chrome.exe	79
PID 1224 wrote to memory of 3120	1224	chrome.exe	80
PID 1224 wrote to memory of 3120	1224	chrome.exe	80
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81
PID 1224 wrote to memory of 2768	1224	chrome.exe	81

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://taskbarx.org
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd42ccdcf8,0x7ffd42ccdd04,0x7ffd42ccdd10
  2⤵
  PID:1548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1920,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:1540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1428,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=2244 /prefetch:11
  2⤵
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:3120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2260,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=2352 /prefetch:13
  2⤵
  PID:2768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3092,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3112 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3136 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4280,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4312 /prefetch:9
  2⤵
  PID:1232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4596,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:5940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4768,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:2392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=3136,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4532 /prefetch:1
  2⤵
  PID:1876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5068,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3432 /prefetch:12
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5076,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3368 /prefetch:14
  2⤵
  - Modifies registry class
  PID:340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4940,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:5348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5924,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5940 /prefetch:14
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=4960,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4968 /prefetch:1
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4824,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5300 /prefetch:14
  2⤵
  - NTFS ADS
  PID:3264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4600,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6292 /prefetch:14
  2⤵
  PID:2520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5268,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5304 /prefetch:14
  2⤵
  PID:876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6364,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5276 /prefetch:14
  2⤵
  PID:1036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=5292,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3144 /prefetch:1
  2⤵
  PID:5468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6496,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=744 /prefetch:1
  2⤵
  PID:244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6668,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4972 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3744,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6636 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:4568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=4988,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6676 /prefetch:10
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6652,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=2384 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=3116,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5816 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:2556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6684,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:5840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=4956,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=6784,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=on_device_model.mojom.OnDeviceModelService --lang=en-US --service-sandbox-type=on_device_model_execution --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6592,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6712 /prefetch:14
  2⤵
  PID:5032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=6872,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6880 /prefetch:1
  2⤵
  PID:3980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6732,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6528 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=5004,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5960 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6744,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6776 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=4340,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5224 /prefetch:1
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=6824,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:4604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=6972,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4376 /prefetch:14
  2⤵
  - NTFS ADS
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=4944,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7044 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6836,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=4380 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=6580,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=3416 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=4384,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6984 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=7164,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7116 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=7304,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7292 /prefetch:1
  2⤵
  PID:5220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=7468,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7480 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=7608,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7648 /prefetch:1
  2⤵
  PID:1436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7752,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7800 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=7912,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7936 /prefetch:1
  2⤵
  PID:1700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8064,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8092 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=8220,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8244 /prefetch:1
  2⤵
  PID:2864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=8396,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8448 /prefetch:1
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=8692,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8704 /prefetch:1
  2⤵
  PID:420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=8560,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8628 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=8664,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8892 /prefetch:1
  2⤵
  PID:3532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=9024,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9080 /prefetch:1
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=9096,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9224 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=9400,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9376 /prefetch:1
  2⤵
  PID:3112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=9408,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9532 /prefetch:1
  2⤵
  PID:2072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=9712,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8716 /prefetch:1
  2⤵
  PID:5180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=9696,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9740 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=9760,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9516 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=10036,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9872 /prefetch:1
  2⤵
  PID:3548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=10040,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10172 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=10320,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10480 /prefetch:1
  2⤵
  PID:5768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=10360,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10456 /prefetch:1
  2⤵
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --field-trial-handle=7324,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7308 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --field-trial-handle=9508,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9868 /prefetch:1
  2⤵
  PID:1136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --field-trial-handle=7432,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10404 /prefetch:1
  2⤵
  PID:2672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=9492,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9440 /prefetch:1
  2⤵
  PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=10656,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10716 /prefetch:1
  2⤵
  PID:5040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=10832,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10844 /prefetch:1
  2⤵
  PID:1532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=11160,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10996 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=11132,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11180 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=10836,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11352 /prefetch:1
  2⤵
  PID:3568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=11468,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11500 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=11628,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11476 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=10480,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10880 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=8044,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8124 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=7972,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10400 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=11632,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8108 /prefetch:1
  2⤵
  PID:2492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=10304,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8256 /prefetch:1
  2⤵
  PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=8700,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8716 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=8168,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8584 /prefetch:1
  2⤵
  PID:5348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=7464,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8204 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=9716,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8088 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=7760,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7992 /prefetch:1
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=10332,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10604 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=7040,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10772 /prefetch:1
  2⤵
  PID:3716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=9444,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=6988 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=9560,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11500 /prefetch:1
  2⤵
  PID:2756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=11548,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11196 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=8600,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10800 /prefetch:1
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=10192,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10196 /prefetch:1
  2⤵
  PID:5980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=9812,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9100 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=11380,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10056 /prefetch:1
  2⤵
  PID:5480
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=10104,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8824 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=6720,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10516 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=11680,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11688 /prefetch:1
  2⤵
  PID:3432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=11736,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10048 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --field-trial-handle=11088,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10940 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=9932,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11664 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=8456,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9300 /prefetch:1
  2⤵
  PID:3616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=10156,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10160 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=8488,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8904 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=9144,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9080 /prefetch:1
  2⤵
  PID:1212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=8492,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=7788,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9112 /prefetch:1
  2⤵
  PID:5052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=10252,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8480 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=9324,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9076 /prefetch:1
  2⤵
  PID:1228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=9404,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8036 /prefetch:1
  2⤵
  PID:2668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=7596,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9808 /prefetch:1
  2⤵
  PID:5640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=7500,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8760 /prefetch:1
  2⤵
  PID:1144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=6996,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8980 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=7096,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10516 /prefetch:1
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=8052,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=8088 /prefetch:1
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=11580,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11040 /prefetch:1
  2⤵
  PID:1216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=11020,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7932 /prefetch:1
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --field-trial-handle=8276,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11436 /prefetch:1
  2⤵
  PID:884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=9844,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7996 /prefetch:1
  2⤵
  PID:3084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=10472,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9904 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=8216,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9936 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=8964,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=7436 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=10440,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11408 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=10568,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10564 /prefetch:1
  2⤵
  PID:1544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=7316,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10580 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=8960,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10520 /prefetch:1
  2⤵
  PID:1828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=9876,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=10588 /prefetch:1
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=11260,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=9648 /prefetch:14
  2⤵
  - NTFS ADS
  PID:5004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=7976,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11352 /prefetch:14
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:6024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --field-trial-handle=9648,i,16864242207306134271,4972250787320052706,262144 --variations-seed-version=20250313-050105.095000 --mojo-platform-channel-handle=11356 /prefetch:1
  2⤵
  PID:3480

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:3744

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3592

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2972

C:\Users\Admin\Downloads\TaskbarX_1.7.8.0_x64\TaskbarX.exe
"C:\Users\Admin\Downloads\TaskbarX_1.7.8.0_x64\TaskbarX.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1532

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Breadcrumbs

Filesize
1KB

MD5
5bc6ec5565f7e272a1af2d67633d6eff

SHA1
56c8b7a1d206b7ff7959ff090b150502cca508e6

SHA256
267a580c24297a770b35d3ceab781b6230281287385c06edd62c114d46578d54

SHA512
a38086ec9f2e184550dabf9e591caa930a5d77f06c7607f0c119065806f9ade4b72a1c63b84fb1e7034c18d8a557714879fedf0c2dd21bcbc2baa227022dde35

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\61fe64ca-b5e1-4754-8b12-df5ec38a7a04.tmp

Filesize
649B

MD5
5ecac26f3b7a534aa2636bfcc65be569

SHA1
d33b43c8460598e37ad5e3c52603e61867c89c51

SHA256
c7fb4062e576beb24d7e86f8a440b8c837c5ca5975ddead75cca8539a5ad8570

SHA512
27cb8211445b9496ef6a049e28ec759c95ea88586a783ed42029ef7510ff7f134c4a63cd857e763107f786b75480eb88df0f877851a416411bc82c112ea2187c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
25KB

MD5
7e9f32172582f9a9f63aefdf213b2ca8

SHA1
c6046d34dd37164db45fba949101f1b823b92c78

SHA256
60a2a9f78913e6cf901b86cd1ea3da7efcff2b172ba65787b1d8352aebade766

SHA512
2247abc46b2f5af16e49e5cdae38ddbf45c3653b362a856ef85110102b284b7887b0435ca935e03a4ad9c786b67dd2ab232784bdc3ec3a301ecf22e5be886e4c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

Filesize
102KB

MD5
eaf30b381e98d4fbdb42952fbaea8257

SHA1
82afa30d2c67651062d181b410991a90e50886f2

SHA256
5895e8ab58bdca929d161dc297ef492eefee9b13b534fbbcee73d95a3b1304b3

SHA512
cef1657dc2aba1799ec640c0d99f1e24a83c88adde8ba3e584dba6e45d7c822a510a0dfd162386ccb4e344b508909845acee4ab3b3bf4e708968adb65255c3e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00005e

Filesize
29KB

MD5
4f67bddea4a4b56fa44f7cfe3d8e17f6

SHA1
438d0068eea5ebebe51681e9a99f4ea32cfe15e3

SHA256
b12c446b6906a8955e13fba049813b7367342208f2f605e636bae8cbb7c2a847

SHA512
341ad30b36804ec19a0299e99e95ca576474ea85eb853f986f0e8199481e5e5f6826d71ed660f408b0dd7bce3e2d28e873e64799a24c5803247b7ab356a276be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000063

Filesize
22KB

MD5
ec326609afbddbd5d35c9b3c6466c977

SHA1
3175d802ba62e99d56ea839c27da84d0881dfeae

SHA256
c4b1391574abcf88488d0df1efe7bac22bd5abfce1d8bb0b8f5c20ad2398895a

SHA512
7da914d29f333e9ef4103072110765bbd08f4ec10591648850462f4d46d7e7a920479f2b62e07336c10eb63f4277c82d415ba8a009c72517c8771a51efd72dbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000068

Filesize
28KB

MD5
564a80f06c5058cd19537375a47d2da5

SHA1
db5220e6e520a2011362bfe82a1be6fdb413cb48

SHA256
230a4ea452bc7ba039775d964e2de8a643a9fce5d9f74c25649a55031151d8ca

SHA512
fd617efe1dd3b9425648ea8ca5c7769c8e81e3f78caee6805b0671ed7681824dd135e90191a1195d5ccb8610b9056a07018483098ba473a507ecd100739d1c32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006d

Filesize
67KB

MD5
6876b9fa77d04a990aed45bf263be0f4

SHA1
da839f0bd43484ffb41abe8d848f4682c4d72dc9

SHA256
c2651a1004a46fa6fc26303b06a112a448d169f67ba1a7ae8fa59285b9bd9e50

SHA512
7bfba9cc1375e5ee3b58efa777b4ae217eebb8acdc2873f3256903de0d6aaca3f87d6f110d683c9badb40968ed2f59f9046d15628513be6ba9d2965585a3f1e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

Filesize
20KB

MD5
f69cefb34e81abe998b7b4c0cc0cdbf0

SHA1
b4d4d39233a096793eddabac7b913373160ea7a1

SHA256
a8787de8a8d93bb7a6d9aa55572db8d806693978d0365240507ba62905657174

SHA512
6c8ceebb276bfe4ab080eb03bc8f497c72b7ce7fdd70d3d1689c60eb3dc091ff4af97fb21ae4dc9b6589c21638ef27c7194ee52780da6690c04baaa4c12fc4b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073

Filesize
70KB

MD5
990ba245ad0cee236d65c17f5d8e8992

SHA1
c9f5fa8882a3fc097ee6e6d4cf81ce681766f033

SHA256
2316665f09eb529043d8de17d53783aeb91d7922c7fd7c3708bb76b4d16954f3

SHA512
8b180305166c4e42ef2d8e06936caad168d8f94a8379cad828c864bbb7c0708cb3c923ccc2e33d57f8c9eeeb3adf6bb80c22a3c0c7ce71cffff40095e92cf3ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000075

Filesize
39KB

MD5
9a01b69183a9604ab3a439e388b30501

SHA1
8ed1d59003d0dbe6360481017b44665153665fbe

SHA256
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

SHA512
0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076

Filesize
158KB

MD5
83266658f29f5cb762001d5d9f6985a7

SHA1
9ff52157193e1e798944e6a3172d938183f5e550

SHA256
60072b4eb6fc5f1f1214a34fcd55b3cbd1d05eddf778f85611f9b352c4c6452d

SHA512
60b2a8749bb597b71c6cb7113c4ea6c430ab90c6f6a5f78a36ab5fbd2676fbc173ade236be939e862569c786fbdc8e0aa984f1ae4263e91de2ba681cc8ce5d66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
1KB

MD5
94c1b48d1b43973618f8f9770e75c85d

SHA1
f23407ce629b1262e0dc592f0f9cb0250715915c

SHA256
870032128232eb56f0fd984b250b5447ff8f2845ab06ba4ed77d648519d96add

SHA512
f02af6a9a061d0d47a54f443684e731d85ba0e316522a7655d32afb63539b6814935cd2911d88c69659ce65632012ae7f7706ab6394f517d5908836905362c9f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
d756ab5804790a2f45b33c0cb3470524

SHA1
090db8c44d381e8f425736207d0eaccb95b3b299

SHA256
5dccd21ba73e49d005e94fd9388a87212aff0fcdd68ce3a20e0467707975dec9

SHA512
527dd3609c6744bda2117f1a8c56ace841ea3c7a05f39210244edc801a505f19631b04bbb5450b63a5dc1fa83f017a0d2d0e45eba4f14b0e34575f64cc228bd2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
f72149e0985060df723f7bd83d1f8ffb

SHA1
02334e8f3c1eba0966f08c718996d350c50453a8

SHA256
34d2c1bb9825e73f042034eb2f05dc7f99702e57479eb717abd970e213a13df1

SHA512
05e6fbc72ad7c2bd59a6afbce0353e038011eea742665f0475fd6fdf6918641711c590bccf5e660a827d68c3bd1b3eb418945fefcefa2e0602ff8ea3f3957788

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
696B

MD5
b0fbc12aaea8365736d73d3529194ced

SHA1
df99cb756bf5d3af9e1e6a56961b5a01b77b10f0

SHA256
061833cd1d803735650641e791a28b790515a923217273969efc223eddeb0bf5

SHA512
ad92a262002e7845d434d1f849230b71ac5ce56c66aa6ca6cc19cfdf43079a2895c7ab4d07427d8da74750b7bd3e18507a8cb1a8b7cd1a8dead00d784b61ce91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
d15b79381c15b485567eff1cdc569d04

SHA1
070cb1162b54a1341ebead72ec4213f685c9de22

SHA256
18001c4b7ab43a769c5a5f05d40a3a74e1e0ef5e22673a9c703e0f6dc54a0221

SHA512
00f97b65df973e72b34cb5e6fd9d1a3b6d6d3ddd552be29138b94cdb66b024a241fda90811e8d2e91b0e55e5bb08f5750deacc5fe3bd8b0399266e758a73a48c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnWebGPUCache\data_1

Filesize
264KB

MD5
4d77e971e4be5d3a5277f2acf0d504a5

SHA1
036c0d6defe845c5e0963c4f99c735c1000000e3

SHA256
f49cf86d8485f785e5f3f720bee4edf06e504ba2e0c964353c9439e95df68e66

SHA512
d8bd19587a4b5f21742fb5685bf3b8567e8e02c0716dd0035b67171a6163a57bded0e67c2490563911062dd8a2fceb1b189678265fe6bf6d482e7cec15bf998b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\59b53575-1a31-4d8a-b729-be8b2478358c.tmp

Filesize
7KB

MD5
e5540b07e3f943ff1cd230f428b44ad0

SHA1
23615fc00267a93d3900cbb35e9e8a8c25976f07

SHA256
671bcf6e1b9cb6eed0863c53e5447f00adaa0a56cd4efe93b55e14f604edaf1a

SHA512
103e5581f626b0742e3ca4e5f2cf8c9e69de597598c4f086c7675a64bcbb7fd6d3eb0112fb901d50cdd5e66ce75cd9556fef894c27583dd724e8f57c84245153

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
47KB

MD5
f034ef32f3b70afda4e3bf5cd46f9601

SHA1
23c737f0ed4db1c9690df6a20ec8e3e83f3aba05

SHA256
b2ac9d2a71f4a31373eda80d798fe814bff69d49110defa9083fe24f68c32ec2

SHA512
419fde064d8b4068c47fc6d06a8f106a377a86e8fb611917bc936b3f456fbe1d5a2071e3859c5aee0ea8da7f5dc68d396540e38c3686777259de85eb74718429

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
3b17090d1723c00c4b1c2affcbd0701a

SHA1
69ac3380a2bc26e86fcabb4f6262eccd454cf975

SHA256
fb818b607b17cc34a6f6463c976cee8033ecfef15f4fe99687c339c65fc513b3

SHA512
b4a5412c42fc914b7bcbfe1193685fbaba82fb7f303fef2f14636d830565eb862cb6f87656f79cf7147b8b1ceb2009869fa07f5a5e194a47c285ffc71ce30d1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
12KB

MD5
91da262785dd4d02ed9f63f280cce206

SHA1
ef91a83b9f1615b1ec9a0a6c9cdc012a935517b0

SHA256
43f401a61230a4e206057370091927bd1385e53f114e4ce947090a6c63517a81

SHA512
609f049b8b3cc7c448bb281fae171b07042d9b1cf6d0caf9ef223ca26bf33f2f0e05a8e279f782c036202255c84e2295bbbd138a253eed0fe21e1ad854a92e14

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
35KB

MD5
10c8b12b5e7c571a4cd7bbb0413e0650

SHA1
f86fe3c39b9f2e420b4830156097b36f5a33904f

SHA256
c2db448453553bb85546df5bdfb56bee730e0f1a985689a42b3520c54b40d4e0

SHA512
f6e2e4b23af9280362741e2a265f047619aaa024e03b4caaa1e363fe4c51d7f207fb8035c2b1f8ef7acc5a660f6e586f281a2d4bf87584b395fdf40cce2431e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
8KB

MD5
8bf85619bb91f3a3420c265c92ea160c

SHA1
407df185244531db0ab0c3966e887a8191a80bad

SHA256
64af71dbe06cdcda64bf82c07f6bef1bd9f1da7000a7e4d9e6e36335d8c36052

SHA512
bd27933d92f0ed762474ef5f618b0142c65a9eccd134e3f2ab17583c876ab4026261b513d45c8522326e4048f3d9f9d8531f95bc80e9e4acca09fe4acd26f7d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
8f5cf530b3e8a4b24372ba948f2cc580

SHA1
07734e2df4d7e0d311ac1b81fc78c3f38005a4ae

SHA256
2b803da211fb982678c2266ba3629bd3340f188877d7ecfcf32f3da1aa275ed2

SHA512
5ed4f8696e39209a6c7e87b66511f549b7bbefd7c4855b5be899474ee1f41fa801a1f1f9dda88a31a9a8c7ff3132c84fe1441484f3348dbc1561cdb3bb707456

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a0814e712dc23d58a16a0ad5c07ccbae

SHA1
f9e7fdccbffbc82493bb95887d399decd84d8317

SHA256
8c8e5b3cf343b25d02b6e67013d92779686598bfb097cb63fbb198f8a738dea1

SHA512
cebc9230b0d9849cf0a77e098670867e87006d11ea6d90dc8ff6952f0e5459eacf4e2754d743a45eeab06e90516505ba41686c1cbc9ab434cb8ca84355f99a85

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
25f763db07c2668297142fe3c7e6037d

SHA1
d96fe40959bd301131a38d3ebd46fe38884c1f07

SHA256
8603465890536b9795529aa7e928bb67fa70bc35a47f165fef3474c407bcdc63

SHA512
5a5e5ab64922e05a66d58e046c0ea11e1f485b288738a8d55103e983f7c2c1fe0f0604775ba1af0c692f56c78d72fcd5d9914f3d4eebd5d9f0b0187dd243f86e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
f0d764b8eb5d58e43cdaf3bb9cb649c8

SHA1
3033d363fef6d39eb9a39e53523320833c590e1c

SHA256
012f0966c4ca788d778ce2ba220bc5b8f0898f11b12c5d3d9f12d675e2776dcc

SHA512
12c92a2e9c2d503c3fecd5ce7a3cf7060d23c4a3db2ff64b3682e8bbc00eac2a67cb75971b5a43ec12c63a4a2c3a6a7e6b0b28c35e008c525fe5f20a314bf3f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
bc8315b4a6d4ca7234cd96c5c5761219

SHA1
f296f5a97ae389a832cda6ed7b66320b43134013

SHA256
cde5364a9ca92611bdbd96d996c28fb5bd5535bc9229538879275e5e1c738015

SHA512
cd4256acc5613af63d02b77132f784710716cd8cb1a745849568d863614f359803542405487c881333516370643b9a07a17e7b996bc79ee73001f4cadabdd380

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
41caea3521e1858265ded92a123ed138

SHA1
78c2af101d02578d9d5814d15311b2b71adc7c61

SHA256
9b897a7a8704c3861c23eefdc757f0f822b02403d93d6954e897c5d374ffc5b8

SHA512
867d58de19faedea0c7db0252f93cd91a82b80bc9caedb93d285e3db391b02b2bac6d8503d6721500aff8d4a7b33844610463db7d2600bb406124032982ac27c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6a7c8ccba76d0d417993bd13f3f1320e

SHA1
1704dfa34260fbbd4a5274b720e4b3550ea0daae

SHA256
630d5c13a00ec2901e022b4f879f2fb1d687761b06da77f9d1efd8537c19f87c

SHA512
80df51b6f38c2bcf82125df3a21d15bac7aeb49b1b61cfc6055f22c7d8cc413c873e12f1c214e6aacb4d5621b411dff23ba78f9f86bcf95d524e9f63a19f6a87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
60651d1fbc697b8e9a51a52cdd116c03

SHA1
f4070cc23d93b8d69c058f589ea06b85ffdf9a61

SHA256
2bb66fa3e42dd527b3a1b1587e2307088285d540f3eec6bf0b6f1318727ca836

SHA512
b38483f9b608f79f2f454c8c01f56792ec7840abc78ced1f2479fe1bca961e89e24b12458e139c2b69311bb0b813144caf04cf7ee190d872f1537b0f224ae56c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
c78132b11e6ec66126431bf186eecf67

SHA1
fc03d4b741450c6ec9438026dde984ba6a7a41e5

SHA256
820e7833af26f26640557731fc1312b355911abcacbab241644342dcaf46efe9

SHA512
688121d4d8b05423b453f1a414150dc14580eadcc204d9aa0f47da296e5f3fbb6f45476a2f6c4c3ac2391939b70f68122e5f49194872ca2040e967b1f24b1855

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
f0462deec010d43a02a8969394a00318

SHA1
7af13db313a84693db23f9758615de97a6ac7c30

SHA256
20bfc827a4d84b7201b325a8965506ef3d346c9fc1badb259ef9be2edd32d9d7

SHA512
0d3a35339a5cf038ad403164732d554e8e2c9c047f11bce93cfe7544e2ea8420c237b9a4091e934d64c289bb5f88306ac2fd78898f11feed611ea7d8fdef3650

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
c86283508381f1b59267cbd9ea0fa12e

SHA1
1a39a8aa2010ae2e905acf299b217d56dfb8345d

SHA256
5de88a0f47fb3092e63f0bdc133d9adff09c562b7a515ac5659b21162b51d37d

SHA512
2302d729e2ee43e28468709825a3b0d68b0110e3293bf4f0b3dbada07ff9d751a6edef2293aa0c095337a8592fb2901257f0a5d7b0f809e0fce69b2df0b70100

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
da4a394e2411c770d44d3fcea9eb60b3

SHA1
50f4575b9850f8d286ee0e8d74b22b57063fd1bf

SHA256
d015cee8ae5d61eae5839108e040330d9418654111f2efab0f11a81f75ea40cb

SHA512
971fffb7da5ddac8d4dfcecc2bfaa81ac2eed4a6473e12129a264326230e3e0714e3891ef8d49e5fbfaa4f844d49890cf43b1fe3752e1445ca203583a033689e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
f59b64ebf0f3bf61d121065c91e43912

SHA1
2eeebd200f1769fe1b55b7dd11cc75ac43bac0ca

SHA256
7d609ac22bfb436fd4436f762238b93eb6a5f331468f9b701ce9a40800d06605

SHA512
ba4c0212b77326248543e4b0193f4ac7924d00dcc9cf93abc0058b3ae58891d13333f2e88dfb391800f1b2004b71e8f4a15c58b76e17d0feb5ee2b5aea46da2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
cf8eaff064ca08fdd66c9db1e252e5a7

SHA1
6802df2b44650ee7944651f3b8991c17975b9e35

SHA256
1715e034153c1b3e6c853e867f682a386c011f77fa5c2869ac5c5fa2a5d77fc3

SHA512
c71f932e5b5c1cf14851cfe0b5b38f130ef61d2113f167ccb0aa7371ea826b81b307a38b25282d3f50215af90c21ea1146b526481480f82b033c38799c6d1df1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
13KB

MD5
bda975c747d77f152f22487cec9f2022

SHA1
685f8675393f463f02e84e17db95deb2b2dd5738

SHA256
f8291722e0a4d4e38566c8adbe83a5de2a6267994647a568ab1455c74f020da5

SHA512
8201bb7047639090b3cb0349ec6ee6b6218d6496428b670b0a50ff14a1bbbdf9d07440e4c7b58b51792a1506a9e9954eb932d9287e104b94151b6c4b3165b4de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
15KB

MD5
010f02c9f9bd5bdf5f7bfd0fa00e26af

SHA1
6944d824dbebfc98341aef0860322cfc341e5a72

SHA256
87f2bb03e6fcece62344446a0fc4df697dac74c456c40105c4af98ad4056ed9a

SHA512
86da07140da5bdfe27875be6a158d12345f43166d3a9ba7ca2a43b8a246889945c1c3a313a9d1ca4b5e19faddd6557c5940522df58d0480f767f146cf0d6dfd6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
14KB

MD5
575079bd12275606d5ea3973cf0dc99a

SHA1
04c471e044aea02dd4fe16ef92c8a857ddb85c86

SHA256
526617c0ab621885e3f617983deacd196b9cf0fe7314ceb53b69c8897d007c85

SHA512
697f027fefc31dc2eb2a1876f6155053db19916763a192728cf7cffdb23c065b6f65def4e86ccd7d7ecd76dac1927ab33a763f48f1594b762d08f8400611f071

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b8863aad67125082464ecc0ccee8b4f8

SHA1
fd7bd8dd38f80df13b516f537d0c4e40784a3ff7

SHA256
6c286dcfafd74dca8daa187c726ea029b75f7ef56f81be790d4ead4f98b3ea73

SHA512
dc2dcf0271c8e884fc7331bec446ce2780b87ce557eacafb4748b1bd1d99e2350784aaf8bc7e30af379bd994ddfcfa967f06db7aaa413a94743275007bc279b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
69b73254d9fba705761cc4ac24b246f9

SHA1
fdccd69dc5d5ea1683dcd275cc4bed830ed0db67

SHA256
79350f75b31ea293964b7d01e77fb8641a1530dd13ff2292a9ff459ccd4caebc

SHA512
5087328ae5498b4812ab8e28b0f912550e2a40bc08ecbe20af79a6efedeb9234c76a42cfd3669a378272a55febc6dad58e4d5c75802e97db1d55a8c06ca3965a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
d73b78e9db2721f3acae360b2a3d6120

SHA1
c8f587cf4457e55224e0486c440edb115effbc90

SHA256
0a25d7abf116b2adb682c05e15f2935e54b02a10ede0ecae3273dbf117586cb3

SHA512
42e7f97b8c4890563fcee74b3654be4949a4ea3d229b2202568c6fcfb9f2f10e2acec201040efaffafda363a067bbdd706652434c8d0819a48d2c8ed8054d1da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
5977f7dcf692d5b25dc6d82da12484d7

SHA1
596ef08fa44bbb9c3baba714e17ac92649890572

SHA256
30383924e1a54ce0f5b6af1a025cfe48dbc0b226de040de4910c3f95c1d6d640

SHA512
f9d79ef004398ca4655b4c2e9b83c029964895b58710748ef6c58b9ae77e7571f9e85c6cc4fe1eaf6cebc2b8bbfed96d5388a957682dac5591ba98626a9895e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
168B

MD5
b72adc079f0304c8104bdde477be32dc

SHA1
acf0716c202289a4519af550bdc5297dee73c492

SHA256
11fc98ce81e3cd1c3f2cb0e5e7f0e23c87f85235790f1c77d3e6e03bc576a669

SHA512
8b0ddd263e5206fde992db61aff91eeab34de2af726dffc8e23ac2b3f0ba083d72f4325698b1ebab50177b066db8e2c23053fe690a792d712f9758d0589855d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b5f2.TMP

Filesize
48B

MD5
bf7bda70ab765ed32b5c654919df69bb

SHA1
c3d20f599ccfa0f7148f73f6b20a4ff465620050

SHA256
b688a2a0f09b4d06254bb9abc85bd381c2779ff1202a8d28559e3e3b1c4d36d2

SHA512
19e7712848ffc5df14ce44f849d1764b5086bc77c4a441b35ef00b8d3ffc34b268d2b0de4da697749200e65c4f9e8baf67a5a41bb52b5daab35a68afef74dcca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\03ebaf0cb9ca006e_0

Filesize
63KB

MD5
306d953fc73f328a278f756b7548d44e

SHA1
c6b7cc74ab4680d3a193d576a6f4edca9c848add

SHA256
e2fd801d2659ff8e806be9b9e3acf6a0c31d095da98e1f0fc15c902d04807de9

SHA512
24caa0e12cf85332c9a75464187a7fc2b2515c32b3a59914773d93acc94e7716a778b525a751cef2f90742ce5fa40afe67b0173113e51cb6863c2a0b6333ffaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
72B

MD5
3ccf7809c7e0cc613e8c310c4e4d9f30

SHA1
e6489200ad83bb079c5e6a734a00c06c6b706dcc

SHA256
b254ba89a6258a93d3e7ce8d56d90edf738cc91f311be94a4e97f5a5806e44c5

SHA512
b4aa3a7005dae790dca090d7960f62b2336d4da9d1bba5c089ef55eee0d7508c90717006034c4f624105bea009dffc13a019c44286c3b0f42d3ff4755097a0df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
96B

MD5
daddabb1c9466e3a9daa1b4a0b214b6e

SHA1
afe711eb2f739a6bb327a6d8bcbe2cb84dfe60c5

SHA256
f9c689de855f73f96de62e1865bd1a38ff0d3c77a2db37cacbe3101e49e01b82

SHA512
49fd39df54272a0c77c30fa9152969fc03907037d1ebd5a44bf253ca5844354955c8b4a003a928c3acaf13be1432a54d220628f5e23ea6bb0402fbcc0b10e002

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
78B

MD5
f8a58ebf7a2b809735e4adf5d58b11a7

SHA1
30ba3dc6cecab7100b549260311aeb97a68a8d33

SHA256
e665a00d5b27c9c19d43cc3350e57e7f14a227a2a3f474c541baf62719dcb06a

SHA512
954d18abef9873260f6721ad99d429d7f61345a8b8f1c67284b41281e0a290a902efc3b51c29fdfda3a7323d4b791e1e49e98b06af73957ac48de61328a0dab7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe576d9e.TMP

Filesize
142B

MD5
ba94ebe138bfb507261ec1feb1dba484

SHA1
280bc3d69f4444f08dc280c2ee083bbd8c43f755

SHA256
079bfd5f237a369b413e058e1d863279759fb1e4bd426e3a2782223e72f8498f

SHA512
c2530e58e50c2f5d0c1a0df7222b120c300b193d7d267ab546f08852ce35f78505d6e45a37327ceb696690db28c9904aec6dd8ee58c8dbb1302db3c56beaabae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\IndexedDB\indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
f5f06107a98c69a2bb18985c93d363dc

SHA1
31e30a2ce7996ff54551ab535f8ea8c009990f68

SHA256
539a85031f26b443f82a29e36d61418fd195c3037d1f4359be69e291a0fbfaf0

SHA512
1581626896208affaf887a4c31a5cb2e47b97b05f43457660cf00efa0c2a46da3dd027ab71d39d1fec30b00bd6f7cb23c985be48cb6551c23e809a7cb1cf96b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
80KB

MD5
3a29d01cd270903166c8c2b7d1cfd370

SHA1
d1e01a94697bd4f00456f4b958a72b4c23cbeafa

SHA256
79173bfdf1cc69a6fcd00e76b1eede2fd68e9853b085498e08760246fea156c2

SHA512
0c25b211a20c1ba10b00bcb6ca72873686a60ec18974da9655e058f2f12fa7d5b88d36b449c0c140e250fe0e19cb274e887dca30f90e033e91cb51ba16d14d98

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
25b326a0b0f8d7db47991f51f78b69c8

SHA1
14fc6b80761c5b9ebfb738b3a177d302ed0fdb53

SHA256
6f08f35d1ec9c6a97c3b1c48b84ebd4e7a966c6f920c36b333994ad262831ae3

SHA512
2f9eeae4c81c4abd630b28463fcb83661efcee7e3d1f94a853216a65900ea24c4359ec1bb496d0839b97aa8ac9955b092bab834bf8dd8de8423d77abc6dcd52d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
947e125cbf5bacba7bbea29756ccc79e

SHA1
7c6aba6f3b0b316fa3d25b07fe24a984f8f1514a

SHA256
6720f4b8a97442f0faccb9ab3ed91a1669b326989483ba19536c8abbcd178443

SHA512
298b0f9541bf9b71d07d07acbc2ddda8c3add19919194900624c099599a24882d11fd01bdb769ec71e92bcd32142621b51cf3017398388b977cd9fc40ced680a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
18c4076599192cb11bc5355c5c11cbc7

SHA1
1e0e5e9d0c49d793509677a50083c944540fe424

SHA256
0535dc72469375b11494d5651a3efcc767676e74be0f1903d6f6cd690daf4e87

SHA512
1b32eb5e33407ad016b8b72a08419a25d5b8557c7a0089fa983a075caf1aea5dba5d7a786d8c8f2440c25bc49237fe749ff93b3fb74bdf2b3f4f5a70086daa2d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
810639f2213f3c084d868d238a0825ab

SHA1
3a066b9cf6619009830acef3b061cca42fa8c15f

SHA256
800d23284d34ee99642d20dd8edf981c34ef01cadec93f0e0b6d92b1e142079c

SHA512
c807fea6ba8b993483df2a0a2447b3f2ce2365251bfdde3234c8043973fd170211b9cc6be0f47e5517f01c18679a9973cb2e47c46df0f344bc206fdf19d934d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
b4febb1265498ad67c44fcfa88f5e2f7

SHA1
60682bde4444af37000bcc6d762f3a3905273a9d

SHA256
56eaae520f845b4fedb5ca39defd402dc1307cf5ccd52112e943c355313a760a

SHA512
95e363cc347a79ec5107e638a5a15eb4d20f8bb6cece75df947a31a4ae198a4c9c54cc7795ed05f118a528db507bf706a63d47a590eeca5782c07bc89ebcda47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
5094426e0f5ca2cf5e9f2b771068034a

SHA1
7c561fa6aac5bca75e9e70db4c9dca2b1b13a24e

SHA256
899a6a51bf32acb7abcb2c16aa8a83d9a5fb432a1df5bf8fe6ac7fc1094e5b38

SHA512
518ba0f2312e1620f15110d316206d66e904ab6b0deae3d1d88cfac13291a58f33e44eb5832f05d4d0ab52420069338559641995a6fca6d0785fe47d0cb8fa6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
595e8b7d186814744d84b8b0b3c514db

SHA1
2a35192e6893adf0426df4233ad42698d839801f

SHA256
39c65fba40cae65bcafae77e624e84dab0b516e808ebafcde7652b373fd35231

SHA512
2c18b46da4b4f68f199b49581fcdd5ffed13c36b1bdae068ce8e77ccac59690e52477071288d4c3fbf5c767385c446976270ce36f70d56596ee776f1150204b3

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
8KB

MD5
4c67680365be047936a9e22e3469e520

SHA1
26f43bf4658665d112c8b07fa5a0119ee9446f3e

SHA256
aa56e805bf069b49de6a4eb633639428ace19870f95f934ce16621c51850cefa

SHA512
0b40a7a96621a53f66c166aff6e01d3dfb8c2f8fc159f4388454416b986b35f89dcb715f1f55a3dbc894b0b455561d62bbecba70da52b94e5b7f69754853cba6

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

Filesize
10KB

MD5
32be6ef182ba307f56a73af74da5427d

SHA1
333a186591a41250f2ad9e9187544a0415e257c2

SHA256
49322b38bf9935728252e609439092e490a742472339e2e37e1e514029e43aca

SHA512
bf73f49388e323834d6a7d6dd0ee2ed8653a5bb3b2ad75f0a819fcf1327f791fa4ab4f4356d47d4f0926f8a6a2a690d409a762494b410c1184c586c873493d29

Download Submit
C:\Users\Admin\Downloads\Elite.apk

Filesize
533KB

MD5
9f01767647e2e72f446d374bbcb20c53

SHA1
f6b1adcd7723b525418a05bcede5c671366d7ab3

SHA256
fcee982b3d0e1601b40078d98df03503668aec7542721f921ae8248bc3cec3a1

SHA512
4b9dc2dc08f015ed96a3ce30978994314d3edca84348eb62e7cb65d4d5477f179c44c80cc0a67863bc119555d0217f57681d047ce98ec405bd5eeaf2da8280ed

Download Submit
C:\Users\Admin\Downloads\Elite.apk:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\TaskbarX_1.7.8.0_x64.zip

Filesize
2.3MB

MD5
1e9369977f0e62c48823c9a84237dda2

SHA1
e66a4af06010897e2d89005bd7f8c5d00025ff67

SHA256
ab192d20ed1ff6a88fef856b1a0dcf997e5022437c09a686c28356b43dc5a3e2

SHA512
2b2385ad3fa9c008773cc289fec76ac26e5b249fc8c25e7f92ab6079d80d9a6cd48498a3e7b7df8ec50cbdf6cfb0b5ff8c2b17aa5f93d67c30f07f41f791c66f

Download Submit
C:\Users\Admin\Downloads\TaskbarX_1.7.8.0_x64.zip:Zone.Identifier

Filesize
557B

MD5
fdc08013e577cf79a2ff73df708e83e2

SHA1
ec979d51e0cd16093b9a5c8c19755b9f823b8627

SHA256
568250fb3dff8818efca83dab49a4e250553bfc5b2420096476f336b533732b4

SHA512
b43cea07309dfeef70bac3dbd9a3da06c97e8da8a32dc00f0391bbf492a8749448110e9b7954455f2c00ab981d847a3cb01a597f9720df27b5b0dd22d334f7e6

Download Submit
memory/1532-879-0x00007FFD1DA50000-0x00007FFD1E512000-memory.dmp

Filesize
10.8MB

Download
memory/1532-878-0x00000245613B0000-0x00000245613DE000-memory.dmp

Filesize
184KB

Download
memory/1532-881-0x00007FFD1DA50000-0x00007FFD1E512000-memory.dmp

Filesize
10.8MB

Download
memory/1532-877-0x00007FFD1DA53000-0x00007FFD1DA55000-memory.dmp

Filesize
8KB

Download