hxxp://google[.]com

Analysis

max time kernel
170s
max time network
171s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
28/03/2025, 02:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://google.com

Score

8^/10

discovery motw phishing

Malware Config

Signatures

Downloads MZ/PE file 1 IoCs

flow	pid	Process
1428	7064	chrome.exe

Checks computer location settings 2 TTPs 1 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-446031748-3036493239-2009529691-1000\Control Panel\International\Geo\Nation	MinecraftInstaller.exe

Executes dropped EXE 2 IoCs

pid	Process
6432	MinecraftInstaller.exe
6220	GamingRepair.exe

Mark of the Web detected: This indicates that the page was originally saved or cloned. 1 IoCs

phishing motw

flow	ioc	pid	Process
549	https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html	7064	chrome.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\mr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\nl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_673030079\protocols.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2086031139\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ml\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\iw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\sl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\is\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_553398806\deny_etld1_domains.list	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\fi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\bg\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\my\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\am\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\fr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_673030079\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2086031139\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2086031139\manifest.fingerprint	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\te\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\lo\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_553398806\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\uk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\si\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\sk\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\128.png	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_878701270\_metadata\verified_contents.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\zh_TW\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\cs\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\mn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\sw\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ja\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\hr\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\pl\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\hu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\en_US\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\be\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ms\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\es\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\offscreendocument.html	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\no\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\de\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\zh_HK\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\pt_BR\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\eu\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ca\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\fil\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\pt_PT\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\fr_CA\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\th\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\da\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\zh_CN\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\hi\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\az\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_878701270\LICENSE	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\manifest.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\es_419\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\bn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\lv\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\af\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\el\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\kn\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ar\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\ko\messages.json	msedge.exe
File created	C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2088347686\_locales\cy\messages.json	msedge.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	MinecraftInstaller.exe

Checks processor information in registry 2 TTPs 8 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe
Key opened	\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0	GamingRepair.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	GamingRepair.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	chrome.exe

Enumerates system info in registry 2 TTPs 12 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies data under HKEY_USERS 4 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133876019203319944"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-446031748-3036493239-2009529691-1000\{7D5094FB-D230-4AFC-A74D-438D9E2C99BA}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2416	chrome.exe
2416	chrome.exe
4632	msedge.exe
4632	msedge.exe
1720	chrome.exe
1720	chrome.exe
7428	msedge.exe
7428	msedge.exe
1720	chrome.exe
1720	chrome.exe
1884	sdiagnhost.exe
1884	sdiagnhost.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
312	msedge.exe
312	msedge.exe
312	msedge.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe
Token: SeShutdownPrivilege	2416	chrome.exe
Token: SeCreatePagefilePrivilege	2416	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
312	msedge.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
2416	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe
1720	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 312 wrote to memory of 4352	312	msedge.exe	86
PID 312 wrote to memory of 4352	312	msedge.exe	86
PID 312 wrote to memory of 1392	312	msedge.exe	87
PID 312 wrote to memory of 1392	312	msedge.exe	87
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 3920	312	msedge.exe	88
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89
PID 312 wrote to memory of 760	312	msedge.exe	89

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://google.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x2f4,0x7fff8b0ef208,0x7fff8b0ef214,0x7fff8b0ef220
  2⤵
  PID:4352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1796,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=2480 /prefetch:3
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2424,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=2364 /prefetch:2
  2⤵
  PID:3920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2508,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=2616 /prefetch:8
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3480,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=3500 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3504,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=3528 /prefetch:1
  2⤵
  PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=5044,i,1182685759914669172,14146396832285003345,262144 --variations-seed-version --mojo-platform-channel-handle=5048 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
  2⤵
  - Drops file in Program Files directory
  - Checks processor information in registry
  - Enumerates system info in registry
  - Modifies data under HKEY_USERS
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:4632
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x23c,0x240,0x244,0x238,0x268,0x7fff8b0ef208,0x7fff8b0ef214,0x7fff8b0ef220
    3⤵
    PID:2220
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1708,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=2152 /prefetch:3
    3⤵
    PID:632
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2116,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=2112 /prefetch:2
    3⤵
    PID:4208
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2560,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=2696 /prefetch:8
    3⤵
    PID:4760
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4196,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4192 /prefetch:8
    3⤵
    PID:5032
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4308,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4272 /prefetch:8
    3⤵
    PID:3024
- - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4308,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4272 /prefetch:8
    3⤵
    PID:780
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4620,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4636 /prefetch:8
    3⤵
    PID:3828
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4652,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4632 /prefetch:8
    3⤵
    PID:4376
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4312,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4728 /prefetch:8
    3⤵
    PID:6960
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4744,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4740 /prefetch:8
    3⤵
    PID:6968
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4736,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4776 /prefetch:8
    3⤵
    PID:6976
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4456,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4528 /prefetch:8
    3⤵
    PID:5584
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4548,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4584 /prefetch:8
    3⤵
    PID:9000
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=120,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4768 /prefetch:8
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:7428
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4528,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4616 /prefetch:8
    3⤵
    PID:8048
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4336,i,2882930418354917166,3041522813677710495,262144 --variations-seed-version --mojo-platform-channel-handle=4184 /prefetch:8
    3⤵
    PID:7592

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:2352

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
1⤵
PID:5916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
  2⤵
  PID:3708

C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
1⤵
PID:5604

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7953dcf8,0x7fff7953dd04,0x7fff7953dd10
  2⤵
  PID:5932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1996,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=1992 /prefetch:2
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2240,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=2264 /prefetch:3
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2376,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=2400 /prefetch:8
  2⤵
  PID:5896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3216,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:1356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3248,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4276,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=4256 /prefetch:2
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4700,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5368,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5464,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5484 /prefetch:8
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5708,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5376 /prefetch:8
  2⤵
  PID:4344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5384,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5500 /prefetch:8
  2⤵
  PID:5260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5404,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5820 /prefetch:8
  2⤵
  PID:6028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5408,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5592 /prefetch:8
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5756,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=4916 /prefetch:8
  2⤵
  PID:6240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=208,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5876 /prefetch:8
  2⤵
  PID:6288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5752,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5916 /prefetch:8
  2⤵
  PID:6300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5896,i,4660361946662361646,14377782411258802893,262144 --variations-seed-version=20250314-050508.937000 --mojo-platform-channel-handle=5916 /prefetch:1
  2⤵
  PID:6448

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:5876

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1968

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault97052623hda3ch47c6hbaeehdf4fd4824cb8
1⤵
PID:6212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault97052623hda3ch47c6hbaeehdf4fd4824cb8 --edge-skip-compat-layer-relaunch
  2⤵
  PID:6244

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fff7953dcf8,0x7fff7953dd04,0x7fff7953dd10
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2036,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=2032 /prefetch:2
  2⤵
  PID:7044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=1944,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=2084 /prefetch:3
  2⤵
  - Downloads MZ/PE file
  - Mark of the Web detected: This indicates that the page was originally saved or cloned.
  PID:7064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2356,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=2544 /prefetch:8
  2⤵
  PID:7088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3192,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=3280 /prefetch:1
  2⤵
  PID:7076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3200,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=3300 /prefetch:1
  2⤵
  PID:7040
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4452,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=4484 /prefetch:2
  2⤵
  PID:5064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3956,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=4752 /prefetch:1
  2⤵
  PID:4276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5324,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5336 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5500,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5524 /prefetch:1
  2⤵
  PID:6364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=5700,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5708 /prefetch:8
  2⤵
  PID:6448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5452,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:3812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3360,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:5920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3516,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=4796 /prefetch:1
  2⤵
  PID:6896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4780,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=4816 /prefetch:1
  2⤵
  PID:6408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3476,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5400 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=6132,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6160 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=6300,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:4168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6440,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6456 /prefetch:1
  2⤵
  PID:3104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6592,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6616 /prefetch:1
  2⤵
  PID:3628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=6748,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6760 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6780,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6920 /prefetch:1
  2⤵
  PID:4440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=7140,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7080 /prefetch:1
  2⤵
  PID:7148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=7240,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7212 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7376,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7404 /prefetch:1
  2⤵
  PID:6180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=7544,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7556 /prefetch:1
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=7720,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7592 /prefetch:1
  2⤵
  PID:7164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=7872,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7904 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=8020,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8044 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=7256,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8268 /prefetch:1
  2⤵
  PID:2812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --field-trial-handle=8212,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8344 /prefetch:1
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=8488,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8496 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=8632,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8476 /prefetch:1
  2⤵
  PID:3032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=8668,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8784 /prefetch:1
  2⤵
  PID:716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=8836,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8960 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=9172,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9188 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=9288,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=8928 /prefetch:1
  2⤵
  PID:6452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=9372,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9392 /prefetch:1
  2⤵
  PID:5620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=9556,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9580 /prefetch:1
  2⤵
  PID:7036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=9692,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9700 /prefetch:1
  2⤵
  PID:6596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=9864,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9844 /prefetch:1
  2⤵
  PID:6448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=10012,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9988 /prefetch:1
  2⤵
  PID:6288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --field-trial-handle=9828,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10172 /prefetch:1
  2⤵
  PID:2876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --field-trial-handle=10356,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10204 /prefetch:1
  2⤵
  PID:7268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=10460,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10496 /prefetch:1
  2⤵
  PID:7276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=10168,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10208 /prefetch:1
  2⤵
  PID:7368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=10784,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10484 /prefetch:1
  2⤵
  PID:7452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=10528,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10940 /prefetch:1
  2⤵
  PID:7524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=11092,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11064 /prefetch:1
  2⤵
  PID:7716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=11128,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11140 /prefetch:1
  2⤵
  PID:7724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=11276,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11300 /prefetch:1
  2⤵
  PID:7732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=11440,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11452 /prefetch:1
  2⤵
  PID:7740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=11700,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11712 /prefetch:1
  2⤵
  PID:7748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --field-trial-handle=11852,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11864 /prefetch:1
  2⤵
  PID:7756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --field-trial-handle=12000,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12016 /prefetch:1
  2⤵
  PID:7764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --field-trial-handle=12160,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12176 /prefetch:1
  2⤵
  PID:7772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --field-trial-handle=12184,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12316 /prefetch:1
  2⤵
  PID:7780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --field-trial-handle=12448,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12460 /prefetch:1
  2⤵
  PID:7788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=12468,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12628 /prefetch:1
  2⤵
  PID:7796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=12772,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12620 /prefetch:1
  2⤵
  PID:7804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --field-trial-handle=12916,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12788 /prefetch:1
  2⤵
  PID:7812
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --field-trial-handle=13068,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13084 /prefetch:1
  2⤵
  PID:7820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --field-trial-handle=13220,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13236 /prefetch:1
  2⤵
  PID:7828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --field-trial-handle=13272,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13384 /prefetch:1
  2⤵
  PID:7864
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --field-trial-handle=6128,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:8220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=13720,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12148 /prefetch:8
  2⤵
  PID:8400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=13728,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=12164 /prefetch:8
  2⤵
  PID:8408
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=13056,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13772 /prefetch:8
  2⤵
  PID:8416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --field-trial-handle=11828,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11884 /prefetch:1
  2⤵
  PID:8724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --field-trial-handle=14152,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14108 /prefetch:1
  2⤵
  PID:9208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --field-trial-handle=11720,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14008 /prefetch:1
  2⤵
  PID:8596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --field-trial-handle=14248,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14268 /prefetch:1
  2⤵
  PID:8668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --field-trial-handle=14032,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14420 /prefetch:1
  2⤵
  PID:8760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --field-trial-handle=14324,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14556 /prefetch:1
  2⤵
  PID:8872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --field-trial-handle=14004,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14712 /prefetch:1
  2⤵
  PID:9184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --field-trial-handle=14888,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14520 /prefetch:1
  2⤵
  PID:8936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --field-trial-handle=15044,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15068 /prefetch:1
  2⤵
  PID:9096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --field-trial-handle=15168,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15172 /prefetch:1
  2⤵
  PID:9004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --field-trial-handle=15344,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15292 /prefetch:1
  2⤵
  PID:9232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --field-trial-handle=15504,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15480 /prefetch:1
  2⤵
  PID:9308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --field-trial-handle=6480,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7056 /prefetch:1
  2⤵
  PID:9372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --field-trial-handle=15792,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15672 /prefetch:1
  2⤵
  PID:9428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --field-trial-handle=15976,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15852 /prefetch:1
  2⤵
  PID:9484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --field-trial-handle=16024,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15460 /prefetch:1
  2⤵
  PID:9540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --field-trial-handle=16096,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16072 /prefetch:1
  2⤵
  PID:9608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --field-trial-handle=16292,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16716 /prefetch:1
  2⤵
  PID:9672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --field-trial-handle=7892,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17404 /prefetch:1
  2⤵
  PID:10104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --field-trial-handle=8216,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16744 /prefetch:1
  2⤵
  PID:9248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --field-trial-handle=7952,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7928 /prefetch:1
  2⤵
  PID:9728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --field-trial-handle=17144,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17172 /prefetch:1
  2⤵
  PID:9740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --field-trial-handle=8384,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17100 /prefetch:1
  2⤵
  PID:9752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --field-trial-handle=16940,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15888 /prefetch:1
  2⤵
  PID:6868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --field-trial-handle=16952,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16948 /prefetch:1
  2⤵
  PID:10004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --field-trial-handle=15844,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16736 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --field-trial-handle=15828,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16516 /prefetch:1
  2⤵
  PID:9712
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --field-trial-handle=16296,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16240 /prefetch:1
  2⤵
  PID:9720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --field-trial-handle=17500,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17472 /prefetch:1
  2⤵
  PID:8644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --field-trial-handle=17436,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17628 /prefetch:1
  2⤵
  PID:10048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --field-trial-handle=16580,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17420 /prefetch:1
  2⤵
  PID:7768
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=13052,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14564 /prefetch:8
  2⤵
  PID:9952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --field-trial-handle=12964,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13020 /prefetch:1
  2⤵
  PID:8016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --field-trial-handle=12940,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=3224 /prefetch:2
  2⤵
  PID:7728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --field-trial-handle=16720,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16648 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --field-trial-handle=17524,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=7836 /prefetch:1
  2⤵
  PID:1944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --field-trial-handle=16668,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16520 /prefetch:1
  2⤵
  PID:10200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --field-trial-handle=16648,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16404 /prefetch:1
  2⤵
  PID:5396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --field-trial-handle=16448,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9148 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --field-trial-handle=10704,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10740 /prefetch:1
  2⤵
  PID:8984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --field-trial-handle=16536,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17460 /prefetch:1
  2⤵
  PID:9484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --field-trial-handle=15436,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14236 /prefetch:1
  2⤵
  PID:9444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --field-trial-handle=9572,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16964 /prefetch:1
  2⤵
  PID:9492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --field-trial-handle=13532,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9672 /prefetch:1
  2⤵
  PID:9500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --field-trial-handle=12196,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=14516 /prefetch:1
  2⤵
  PID:9460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --field-trial-handle=11064,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17696 /prefetch:1
  2⤵
  PID:9432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --field-trial-handle=9584,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16232 /prefetch:1
  2⤵
  PID:9496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --field-trial-handle=14800,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11112 /prefetch:1
  2⤵
  PID:8892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --field-trial-handle=14988,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:9808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --field-trial-handle=10952,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=10932 /prefetch:8
  2⤵
  PID:8136
- C:\Users\Admin\Downloads\MinecraftInstaller.exe
  "C:\Users\Admin\Downloads\MinecraftInstaller.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:6432
- - C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe
    "C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe" scenarioMinecraft
    3⤵
    - Executes dropped EXE
    - Checks processor information in registry
    PID:6220
  - - C:\Windows\system32\msdt.exe
      "C:\Windows\system32\msdt.exe" /id WindowsUpdateDiagnostic /skip TRUE
      4⤵
      PID:8432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --field-trial-handle=9236,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9136 /prefetch:1
  2⤵
  PID:9176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --field-trial-handle=14356,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15156 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --field-trial-handle=16376,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15380 /prefetch:1
  2⤵
  PID:8788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --field-trial-handle=16408,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=16416 /prefetch:1
  2⤵
  PID:8784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --field-trial-handle=10976,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=17640 /prefetch:1
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --field-trial-handle=11604,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9836 /prefetch:1
  2⤵
  PID:6172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --field-trial-handle=11640,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=11980 /prefetch:1
  2⤵
  PID:8836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --field-trial-handle=4900,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=13416 /prefetch:1
  2⤵
  PID:8832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --field-trial-handle=14700,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=15420 /prefetch:1
  2⤵
  PID:400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --field-trial-handle=16428,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=9832 /prefetch:1
  2⤵
  PID:6644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --field-trial-handle=9996,i,11977795225602731682,6382471054340873361,262144 --variations-seed-version=20250327-050106.744000 --mojo-platform-channel-handle=4808 /prefetch:1
  2⤵
  PID:2372

C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
1⤵
PID:6896

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x460 0x4b4
1⤵
PID:9612

C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1884

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\chrome_Unpacker_BeginUnzipping4632_2086031139\manifest.json

Filesize
85B

MD5
c3419069a1c30140b77045aba38f12cf

SHA1
11920f0c1e55cadc7d2893d1eebb268b3459762a

SHA256
db9a702209807ba039871e542e8356219f342a8d9c9ca34bcd9a86727f4a3a0f

SHA512
c5e95a4e9f5919cb14f4127539c4353a55c5f68062bf6f95e1843b6690cebed3c93170badb2412b7fb9f109a620385b0ae74783227d6813f26ff8c29074758a1

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping4632_673030079\manifest.fingerprint

Filesize
66B

MD5
496b05677135db1c74d82f948538c21c

SHA1
e736e675ca5195b5fc16e59fb7de582437fb9f9a

SHA256
df55a9464ee22a0f860c0f3b4a75ec62471d37b4d8cb7a0e460eef98cb83ebe7

SHA512
8bd1b683e24a8c8c03b0bc041288296448f799a6f431bacbd62cb33e621672991141c7151d9424ad60ab65a7a6a30298243b8b71d281f9e99b8abb79fe16bd3c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping4632_673030079\manifest.json

Filesize
134B

MD5
049c307f30407da557545d34db8ced16

SHA1
f10b86ebfe8d30d0dc36210939ca7fa7a819d494

SHA256
c36944790c4a1fa2f2acec5f7809a4d6689ecb7fb3b2f19c831c9adb4e17fc54

SHA512
14f04e768956bdd9634f6a172104f2b630e2eeada2f73b9a249be2ec707f4a47ff60f2f700005ca95addd838db9438ad560e5136a10ed32df1d304d65f445780

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping4632_878701270\LICENSE

Filesize
1KB

MD5
ee002cb9e51bb8dfa89640a406a1090a

SHA1
49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2

SHA256
3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b

SHA512
d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c

Download Submit
C:\Program Files\chrome_Unpacker_BeginUnzipping4632_878701270\manifest.json

Filesize
79B

MD5
7f4b594a35d631af0e37fea02df71e72

SHA1
f7bc71621ea0c176ca1ab0a3c9fe52dbca116f57

SHA256
530882d7f535ae57a4906ca735b119c9e36480cbb780c7e8ad37c9c8fdf3d9b1

SHA512
bf3f92f5023f0fbad88526d919252a98db6d167e9ca3e15b94f7d71ded38a2cfb0409f57ef24708284ddd965bda2d3207cd99c008b1c9c8c93705fd66ac86360

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
5eeb51e9e64e555e4a7d2705eb9976db

SHA1
742d0f4d9a77575115f5c5ad9ac8a133bd7abde6

SHA256
47b9983eedcea6a3828388e3097617595b69ff60543180b2411b20b0444085aa

SHA512
32c4630f6be0210efa8330dd1286855379c169c048543d4bc1a985eba6fdedb67b3c8fab522265f667276f74fbd4290013588d8233003bfbce63701fb8ae3581

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
1e81ebdb625f53971263168635e05896

SHA1
e4d180936aa2d5c3648f298db8c501ba31fb412d

SHA256
5187950d039c6e1ccd8ae7461fd805701fea5e783038b4c490f0227f8db73a6c

SHA512
b50d514a2aab1db57f207dbbea6e89aed29541bf0a994399a44846df19e77e0daf87c0b569f4c78ec8fd2211acf881bacd68e0a632adb08c22602eb94d51e7e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
78KB

MD5
4e180b9efa5503ffb8bf5c828869abe6

SHA1
83a52d046098cc4c978a85dd8fe492f9dfb1357b

SHA256
2400ffe0da30f3e847d26987b384d9e85ad58f8de8376373c179b5f35cccb40f

SHA512
814be8cfb35ae8240210423c7a5dfc28f69dfb91306597d1963a1dca26deae7307550c8d5954ab54ed59f253a50c3ae11d09e546f3fa26fb9ebaa292aed2ba8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
19KB

MD5
be2d2130734d1f4f0f8d5748d52c2bf0

SHA1
705f90cdd81f8dcd3df5523bb986843175a91349

SHA256
ba9337d65f097378e0c5ddfae400adb77c3de24281210f824705156e8645279c

SHA512
17ef20a5f2a7aa35c83d1acb7ba81d137c5b2f58824a11175c2f79aa49101842a9ed191e88ed493693ca6c01ab6d547fd0ae611d24ca8fddba19434a7fbb15a0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

Filesize
52KB

MD5
bebad2b271f37bddf7dfe472083ee94a

SHA1
c8c47a032a948b34ab6ec078db82456ab2897814

SHA256
26d2fd483f489c2bd7298d98a6d7597ecbf89eb268cdb732419dc49383333199

SHA512
88642bf796baa70d3dced5955ced537c8b4787739022fa5c9da2387a459b9007adecf728ae065dcbf6ed3fe4c20ac88a7aabdf75d482f4ff1fa447aa4552805c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

Filesize
28KB

MD5
564a80f06c5058cd19537375a47d2da5

SHA1
db5220e6e520a2011362bfe82a1be6fdb413cb48

SHA256
230a4ea452bc7ba039775d964e2de8a643a9fce5d9f74c25649a55031151d8ca

SHA512
fd617efe1dd3b9425648ea8ca5c7769c8e81e3f78caee6805b0671ed7681824dd135e90191a1195d5ccb8610b9056a07018483098ba473a507ecd100739d1c32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000051

Filesize
16KB

MD5
9c6b5ce6b3452e98573e6409c34dd73c

SHA1
de607fadef62e36945a409a838eb8fc36d819b42

SHA256
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc

SHA512
4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

Filesize
22KB

MD5
280d0dffcf08dedc8ce52f25270bf1e8

SHA1
e9566fd9372120a6fb9760a131f8919934954f35

SHA256
ed51e026d37d510820ca0b811d1f774fa8eb13ce09775c5a891853ca072fb58f

SHA512
1dd8a347348a3d211bd8f03c30d7dfcf160d62ade9c354dd9649ef4591c874bd466d864ac0aad454a0b0e01f1149c1c5a95aa365affbd7d81f79558c7ddc39b7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00007f

Filesize
67KB

MD5
60a30ef624fad5be472ee5d1acd1b2ab

SHA1
5dbb87bbc2e8a6143308e7928536ae778610794a

SHA256
d0ec8a13c2eb6a38d628cd7adaed308116164ceee003f816889b4db1735bfccf

SHA512
315e3ea4d4c6ccf6c14fc509933b01cb77c964b608cb95ce2ee8c331011adaf618e41cf4b8c499c4f6c9e137b88a34caaa7aaa44a69fdabed84df550e178d60a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000082

Filesize
35KB

MD5
7c702451150c376ff54a34249bceb819

SHA1
3ab4dc2f57c0fd141456c1cbe24f112adf3710e2

SHA256
77d21084014dcb10980c296e583371786b3886f5814d8357127f36f8c6045583

SHA512
9f1a79e93775dc5bd4aa9749387d5fa8ef55037ccda425039fe68a5634bb682656a9ed4b6940e15226f370e0111878ecd6ec357d55c4720f97a97e58ece78d59

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000089

Filesize
20KB

MD5
f69cefb34e81abe998b7b4c0cc0cdbf0

SHA1
b4d4d39233a096793eddabac7b913373160ea7a1

SHA256
a8787de8a8d93bb7a6d9aa55572db8d806693978d0365240507ba62905657174

SHA512
6c8ceebb276bfe4ab080eb03bc8f497c72b7ce7fdd70d3d1689c60eb3dc091ff4af97fb21ae4dc9b6589c21638ef27c7194ee52780da6690c04baaa4c12fc4b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008d

Filesize
158KB

MD5
83266658f29f5cb762001d5d9f6985a7

SHA1
9ff52157193e1e798944e6a3172d938183f5e550

SHA256
60072b4eb6fc5f1f1214a34fcd55b3cbd1d05eddf778f85611f9b352c4c6452d

SHA512
60b2a8749bb597b71c6cb7113c4ea6c430ab90c6f6a5f78a36ab5fbd2676fbc173ade236be939e862569c786fbdc8e0aa984f1ae4263e91de2ba681cc8ce5d66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a87a3bdb17838020f12ca40165c2e24b

SHA1
315c6d8a7e884cd06a5825c92c64b8eb748a38c7

SHA256
0463443055dfe53f0fcff34e091f2ee78f5a57f30f56615e2ff688b330b99779

SHA512
d5b2d37d3f4a6abac1a71f67a8dcf745fedb32300dc84cebe3810f82c5645f8c917533e2650c3350b4528f2a12647bdfbfe8787e0c25e9573a89487580f25205

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.techspot.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.techspot.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
282c743e1a567930d887eb55a286a300

SHA1
07f1d3a3f7553dd1bcd78a479d2fa4a825639e7d

SHA256
69e5417a5ceb455b44dbdb5bcf380ce7a5a373326423ad910287b6e8c2126b26

SHA512
505fabaa711f00e9e5a5c7dcc072279f5e50134e10a44363523f8d8e49bc519a39a59c6551b7e774b5cabcccb63a8d22dc3c0036979aa3812ab82c5541d4fd76

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
58KB

MD5
6c57ec73f7faa9a804442a9f05fab9f5

SHA1
b02d62b168f7c032b349f5f77796e2d7253575ce

SHA256
a9570dc115b2ac30b8c847a452d0b00ac949dd26b8fdb49576b63f0e6331459a

SHA512
9cd648a756f6bfb58fb415283cc92596935b339580c704ba9d752b9e275e1f95def7e986ff1ea93d1c1dbde876ab77052a2ed9b0a17a74111751daf7182f07be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
523B

MD5
dd1f58f4de06ba8d390679c919697cb0

SHA1
7877fc933739d99a757484c06452c438b5189cb7

SHA256
5f6429e7b4fec9963c8b3fad2b22675c8303a5f2c74d74a1bd0446ec5a84e03d

SHA512
e7d59a51a9f900a43ade4575aa992d88d56980140916b52964dc9609a3795a0327ac19d15ace5a65ed455f7365e55530f614dc7dcffa040082939a5c76a578be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
495776f9d86ad8efff316e4956720c1a

SHA1
d461828e885e45fa21350463b3039e4087741cfe

SHA256
d35c1be99c6f439cb1953239f1caef79a4574f7bff4bc245aa47ecc4bafdc928

SHA512
c322b0100bf2358aa75a55692826156002ca659c762863bea010f7d4d6a89c28d322ee4b5a65beb9ff029292bbe4e0d774c6fa5c18ec16cbb0fc4b1750293fef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
9141a69bf3056be33449321d11e9ccc2

SHA1
8f3114dd4d0ea1b0f733997f7fd15ec08b180ac4

SHA256
61ed3ab5d3eeaaa41bfe406d7d10a259c231bc6c3ad356358a33f664a781be10

SHA512
457ee0eda8bd0c2d31be01dca67b60af40d7aa4006c3053e2e1727c4a685ede02686250eaedeb787a9ccd4ec34949bd0f4b32a18c000c989e54c0604784d2d36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
2df37cede363fca9f9f9f3820edc48df

SHA1
b4279e047156a205a49dc47339a15df33dc539ea

SHA256
eec669f433320f3389c8ca618ac542e8660ce9a803c6d8f6b78b405cc9a8731e

SHA512
4ff2c3651cecaac5221c5c178c3555cd3e305244702583b48eaec1b058f8ca4193b5f6413e5c25a37abfed0efc4695ad7e9e4c4adbd124a784f0bd185e32093f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
ee2e29daeead59a7a503732761158835

SHA1
ae063379abbd12016d426aa699636fca123ab083

SHA256
fab6b84760c7f23bd7ccbaf9f82ac0f9b8538165970b13cce523c8d5a82c789a

SHA512
2f7967f5122f6699501e7459cb6c40b049b8beaca16a7bf7b0acc42874c8ced9964fd23b284f0951d63d92486236d96de5e9a5da804e3db827ad6e2fec5fe1e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
3a6eb36d67ec0de9614f09a74dc1bb54

SHA1
abda1f65acfd93cf1e2494e595a2df0ca8c9f37e

SHA256
f0552ed1d6a82f37288c855a2be976f0b42e83092458b3d7a34301f385dc2e04

SHA512
cd5a9eeaa3fd1c0702efe7acfb513cc7f55aa1a5853cd407e1318d8592e06c92cae085c12d8aaabcc8b4c61cd6175a785750b40f2f412dc29be7738b7ac05762

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d2ac58c07c37385e5f00d1e349164463

SHA1
16a993b365333ddc03a5ee3422fb66180d3c6506

SHA256
5d4c32aed34bc274dbb34bec76649a01957f65ade257bfeb8a010d2f72dbc00d

SHA512
bd08a08f1b01c3aeda22df3ac94518758422878e58da31837cd84875400ef022be6b0795ff51c8b5905d5a01731ef6b09ab8a7be7f3ed3ddffaedd5148220061

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
cfd6f9c6ec27bec422261718473eb1a5

SHA1
e8eebc45085a7d11f9e08097a88877a1de6c1242

SHA256
05fdd35fb29503d43d309106b6f19eb900057a47814e4c3445297d7c6663212b

SHA512
29fce508ec89f3b42ee3e1272e851ead1f70290acf90c8630f70d313e59dfd062740b759c3fcc102d64f53f0b68fd2c0606bba09230e7dd0540cc59e397380d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
587ae6d5fd5f2d2ff56606a3818349cb

SHA1
37d6d6e0a149ec44dfbf2fcc1e3fd91a977cf1f5

SHA256
9ffd015070b98476e9aefc735d0b99549787d8615751d92503d7b47ba2c786f7

SHA512
4074c7833ccc26219da0aa546a6961f8e14a5424a60761a69b8af0460e432eab7eb432a63aa9ebb43cdb718f1dd1edb238a3e64ac1e4dd2e53784bf44c8ff0a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
082b726b8bbf459f70f46b5d50baf94b

SHA1
38e45f99a538de5b4a8b5397fc74f5eba1a20b6e

SHA256
6be5cc4850ccdcc6907f75d30ab078e5286ed6321bbb2bb4e0301fb632a26d22

SHA512
4faf17ced2092f06a23c11b50e1ee7010b5a8be70ea9b87ed218da2ef0f2361b56c756835f89b07cd5e0612bd60df47d1d7a24d8d5534bcf7c5847a2e078244a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
391fae65a55944f1d8536946cccace39

SHA1
548f590231a65f762791367e4ef6eaa00a6c1a18

SHA256
bdfccefb5f6e0ae37273bb99a2732a0c1c826db883804d096d471308b51e1856

SHA512
e58e4126e1965b064185488fe7540eeef6f6886d96276f9ddf413d70dcc40155967ba792515aa1d15e45325d6d37316db6f150bd648baeb89a476116fab05a81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
18KB

MD5
4e6df4b0591e57a754985b1ad967ad09

SHA1
5bdc4d7321acbbd108efbb1219da8a19e00a0c00

SHA256
4dac7b1a394408009874e8e6096331662634a3b8b3a35732c96cac3eee29f7ff

SHA512
f67037978ea551dd379b71f00fb59f92e2e7844a4f511a6b3dc0dc7da1b2ae036bd781ea62000fe023638decb4a371db7ef6325808f71060191030d56f740de1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
1a4eaccd9cbbf7269b2e7858d3aaea9f

SHA1
61a4cd6b0d559fa60c79f4d9e2940b034d79febf

SHA256
6082646f3e33efdf3d39c345724561807d547a19b7ba0cc00232c037c1278a33

SHA512
1afa52beffd4d4fde76c3e83431c6394f583a5749674d12c3fa30db4ebe44345dd0358c308409e8707783e84d1421e7ce71d8521f9935aa515ae7dc5ebc7635d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

Filesize
72B

MD5
a12621bd571aeaf88bef0d68b297b396

SHA1
2be340c920832fab953748e545dc6cf19de7a920

SHA256
c5a9a679ccada74225ef336feb85ce25e104f58fc4db10c4fba42db59cef004f

SHA512
7317c36fef99fad7016a3df1d4d7a29e5e205c569b3a9b9a3e31f34cfd9f969b33bcb7f9a30444ec86e91b6cbc0ed0b3098adb917743579c92adf48d98c3c6e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ea5a2cab82682e5d67249685c59e8825

SHA1
5c69acfa29bbc834a3ad401f7b9dd7ba60a5f0c1

SHA256
b716b5df54976b2c503c59c37745ec3a4e34d8679b65bcf7b8eeae4e38216f23

SHA512
58c2b641ecb9dc796c518f3cffefb54675523575b8a4e45a2ee4f13387babf2ae9e144571dabc2da401ffe0851744e6e381753e2c0d6aa0e3c82efebec698e36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
8410859ebb65d6d5171016f5f92fe031

SHA1
2ba5a8708231c711382067d3e9c6bf04c542ebea

SHA256
b435e971b0f598d6cd913acd284e761640194082343ecbeaaaafb47c7f9956a2

SHA512
cb15ad01378dd51945b85a1ed109687e5bf89a7e0f909637878d153796bc39a016a72998479bb938f4fb5c9ab8500895da2cdad131dcf2de1e30acb9f069f10f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57d0ec.TMP

Filesize
48B

MD5
ea684128b1c9677049a5cf3549a9001b

SHA1
20cdabecd574e8a9359f034e2b63eddadb5c14c4

SHA256
07de72b781bdab37c7fce25893d2bfe4f34431ed3dcea70dc5a72bdc004adc6d

SHA512
bc9b97a6407b457eb221743295466e5fa814200315a1f77cd88c2b8b840bad8fa1997f72af91200a8cb6cd0dc443fb7b50d598c3bd879133e080c00aff78b922

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\6edcc3ec64b8f5e6_0

Filesize
64KB

MD5
90d4cfba43c398a9f1e583e1c0343621

SHA1
a4316d1042199de1a246fb1bb1b65fe2d4667ba1

SHA256
27ee3f42e7bad984c952bd9d573fef464be660022f9528c1173349eced7349cb

SHA512
b5e100f6fa6fe57e8aabfd598533e68144b0e2bd80558c8da60e75f0022083c5f0970134232129a1bc7bd0c0bb40adb580e97c243259edd3a96122cd77ead050

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Shared Dictionary\cache\index-dir\the-real-index

Filesize
96B

MD5
8dd666d20e4bf3405bb39e40bc0d3358

SHA1
ced753ed9eb09c92923e898d30d5745a4b8bfc89

SHA256
c628bbfef9ad47c37dc6cc26cfa86b5092e9f175a81bae11e4927d3247f4a9ad

SHA512
da78880c99ba8169821241faf4eb46bdc431ce2976eeebda4a4ef2e44ba2587f2d74e7b6a1c5ace456bd17e7b81636009cd68e165b480574037325a0d349e72a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
a69003d332f00628018c9a23d4d2129e

SHA1
a69d13dd6e9608df671de6f090d949fe07375336

SHA256
605d53bdee0183da777c16285fd4a49bc5658616c443b8af6fbefaa264a00210

SHA512
724d5428b472c8f64b1bba98cdd40c48168262654b44438cfd143d5cc1e6f86d60f94e2fe4a62d2e75ba08190fb0da760982bfe00ab232f643c6763be1a1a636

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
5b308baa3937f4676b4db618fa9451e8

SHA1
542ae0cbc702513a490fb66470cddfdec547830a

SHA256
a8251fae4c451d6c69e2a832704918b61179d726e8856ce54cbf7c294e5910c8

SHA512
96e163f4e4a77e2b6a8ad67e9326bcdc62919442f8c67f2103216dca7faf34f4e1be93efaf3c12f7c9acfe8283db66393f3f3b02bd407e4bda19419ac49d1d0c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
79KB

MD5
099c64c4e73454f6fff6ca713503ee7e

SHA1
0385280b286ad3a2bdc483adfc29fe6a1043b9a0

SHA256
bf36f0d518a7defbcaf585e0b340224f69fe366fc092772c6110bbb059d4538b

SHA512
330681b2a4daa70d9107762824670629028a3aaa26d1bf8d3ab415fea437f25a83acdfc72792f9b9ecdcb1f7566d4ca34e23b761ae42523566a1410a9d774ef2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
155KB

MD5
0c99578ebe27f160503d5f710fd113d0

SHA1
82e24b6e82d31463e460960e8aa017fb1e0cf5a8

SHA256
2857867ef0c103f00e2ac095d8e0f1518f04eabe86f2b4c4a87d43da1a632f16

SHA512
574dfe6223ab856b35f592f4f13b3ff527eadbc6909b1d83682ccc14e891ba1d2852d7d6789bbde8a14974e08208fa648a2dc046509a8b36d6804bfb82f05cf4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
81KB

MD5
234234751b925f5a4b173fd3e53737fd

SHA1
6897d4c706932ebe3e233b6863c2a913d40457fc

SHA256
ede8ddf6f6b380ef9e8d8e39ab604be11cd5cc19ab6e823242dbdb883efb09b0

SHA512
7da213ea94a80c51ee429e36e87069d8a7508bc37e4463915622493f5607aab67c091f6c8b3276b60349e1aa5ce3e90930dd633f5255339a62fc2775e97d3ea5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\AutoLaunchProtocolsComponent\1.0.0.9\protocols.json

Filesize
3KB

MD5
f9fd82b572ef4ce41a3d1075acc52d22

SHA1
fdded5eef95391be440cc15f84ded0480c0141e3

SHA256
5f21978e992a53ebd9c138cb5391c481def7769e3525c586a8a94f276b3cd8d6

SHA512
17084cc74462310a608355fbeafa8b51f295fb5fd067dfc641e752e69b1ee4ffba0e9eafa263aab67daab780b9b6be370dd3b54dd4ba8426ab499e50ff5c7339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
8625e8ce164e1039c0d19156210674ce

SHA1
9eb5ae97638791b0310807d725ac8815202737d2

SHA256
2f65f9c3c54fe018e0b1f46e3c593d100a87758346d3b00a72cb93042daf60a2

SHA512
3c52b8876982fe41d816f9dfb05cd888c551cf7efd266a448050c87c3fc52cc2172f53c83869b87d7643ce0188004c978570f35b0fcc1cb50c9fffea3dec76a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
280B

MD5
f26f139e262e0cec252b28f3f25a112b

SHA1
1a23fd38e2451b31748ea9f58a48feeff0c3a5d4

SHA256
432681795f6be405e8e80e893600c5a995e4e559dd1529afad9116ca23e1ec13

SHA512
255b9d02e4ed007464907f9eb6131b58cd1798e1785e52391e4c05ed46074b9335ccdb0b6e2fe1726fcffe29a57989e84da1b0ee3223e9d29324b4c21e38c9d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
667043815b7f81544e99c533718109b5

SHA1
b3255247980c0bfa05c304860d5873a86e025823

SHA256
84eb2366131cc4b35ab7a1204b1e39d97cfd952b48f15c4d4d8deee8f54ca599

SHA512
c0db82b0c98495b7dff01b549f9f3dfd3cbea9edf2143ccd542e88a39fe71395faa7887328df14b82027cf4a7422c691fb36b283264cfaf41da6bedc8b115641

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
f6ac7646326f7b4a8a50f541fb81751a

SHA1
c3e09da1e3af0e84b7d79e2210bca569680b2b5e

SHA256
a18f3011d05d7ead953254985dd7564a24a76823a96a43f4307ea97976b72b23

SHA512
7cc76a5becb5c415168a1cf436160b71bf8f96b6a2d48132e26835a37286144a4401aafa1744259fe384155f47604400efd6403f895d30586c719e1d3adeeb7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
3d0eb40104b854254bd9588a1daa0555

SHA1
f56704774dc7ac7d51d535a3bccd5208df8c34cb

SHA256
4f25c4d4859c3f8a03be2b5637838170e4d15f314c6e0cad11f056236ed5d550

SHA512
fbae3a25f7ba3ea7848806dc474758975ddfda1d0798e98730086f4fee06b3d506e10fc217a54c040d5ba86e7e19007c2868c4bf955b73c121b8438914520c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3

Filesize
8.0MB

MD5
f3841358d1a1ce073948bc450a047205

SHA1
ab6b6b5a7276f6298c3d422966562bb809c65bfc

SHA256
1839d5f6ad81731bf708ab43f194d75aac89e7d81a34a2f88a414a380febb519

SHA512
064383437d4ab9c464330a5149d210b1245f86d41ffdbc12ae1c9e1e5dc891511e4d89bad0ef694c50c763000e9a708db4b729b7bf87b6587d85543b404622f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076

Filesize
76KB

MD5
6a8bcee67b0f8d9aa14b8c1b1b4dd8d2

SHA1
7000d4197cbcf82d14dfb7754dcbf1b878f543dc

SHA256
a42d7d03378b031704c4ac28d76269d0d394e572377297ac6335ef2c7c783742

SHA512
33de240cc21aa98c9014d797703ccadd4d08f1ceb17f2f74617acacc0b9da38e6f84598d3110c859afd75cc3c477a10a0dc2ce9d182b508056d3a0fdf31527c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077

Filesize
328KB

MD5
8722c74a8c70c43c9fbffc9b757ba1bc

SHA1
2e7d8aa205369be725ce03b8084fa66740c3b0a9

SHA256
64157da0c3ae9cb7dbb9dcd20a200eb0b746bf9adef93b1a15c2f3a1bf8136ac

SHA512
738748b590b2053235d9da8f7731a30f51cc783f62924a8cc372d020826f11fa97046dcd03f60c463711430229781be4a69d00d94a85dd38fec001a01781d2dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078

Filesize
77KB

MD5
5e555fc3a0904b75a5f5c417d22dd23e

SHA1
c132ddd2aaca0dbf162f261a017dc59cdadf185b

SHA256
2ae1fe481d1164f16fb9a345d6120798b141b4ee92aaf07748cb964103a758d7

SHA512
7319b442853bdb4758a7f3b8d7a320dd271fcd7d9177e45c3f1391bfd803f0687951ce95a869ab2b23d03a3a862309e265393a17d24c806f058fbb0599c1aac5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079

Filesize
88KB

MD5
c00da229286260fb52064e34cac9f0a9

SHA1
009507a50221a93fb4eb14053390adfcd9de4e0f

SHA256
b0f849790f84837b0975b4ba964b062d9f8331e0feb58955d9fbecdde4bc8ec1

SHA512
8204f4f3f3d28eb0d66503a3db4dfb79d4cb3ab96d94d0a0ec0786db45dda811ca3fb026e2ff96c5cce29133439ebe9647477086c869bfce188e4fa0d6c04460

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a

Filesize
72KB

MD5
886afffc95410eb46c374d4a56420c30

SHA1
95f8d21e2f6a073a853005a7399a5ebce45d5fb4

SHA256
39b4905cb2f579c0a986a03af8a4f46ef8301d2aa1c42a025a512c402774736f

SHA512
33fd06bbaf79a6d11c16c7259b88851ee7c521ce147f4221e1fa0b8b6373ae41cadcfb7bf29999e1f06963b1c10539dee1ed39f8b19cbe401bb34c6a7ca7d6a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b

Filesize
38KB

MD5
f53236bc138719b68ccd1c7efb02a276

SHA1
26b7d3eea5d3b12d0b0e173ebf2af50a7d7e56d6

SHA256
787c14f8cc865430c03c96a345044b7c5b8dc8a032511a500d4a42228533acd8

SHA512
5485bc7ccce8ec75f60bca3be846086a4bd4466009c8e22da9cdd16bb1154529af2fb2667cd3a97485cc4f6635fb79ac0fdda4f3e1f39f25f6196f708a92d740

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
565398a092838b5651121589795feb81

SHA1
019e044f88e06ea02ac8063e44c8aa19aa02b1aa

SHA256
bf8ec57c93c432512cd38ef92977774338d55dc87d7f3d6fc5dd0a8553e50b0e

SHA512
8c5efa00a6d647a55d6f9e3d57ef0609a124a39f309f958c416cbbb30a31d1bb77b3d6c2cd00622dc86424d117cb9dc7573675a477d2a27d78d1b82a36c2043a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe577148.TMP

Filesize
3KB

MD5
a19d50596a95a69edaf109d91f1cfbc3

SHA1
61840d16c7ed3db0f530de3b6f4d185346c0089a

SHA256
65ebf4a99784543bd350022c74ec9ae84203b2c237edcc27d84a003db95cd843

SHA512
20f6e47f372d669d6ef0432ab702bb736ce34f99b9ff58c8b708c0c5802b9e5bc1f3b8a96531d67eaa010b9c5edf1104d03f31c450b00cf66570241b7a491752

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

Filesize
346B

MD5
959c8ad27339ca87c0cc886d2d1cda19

SHA1
dfb34b6a4150a6aa5c5524757774329bb546ad34

SHA256
581d9ba1a6e2f2c01af750be7ecd0609f55316be20deeadae338d7295f1777cd

SHA512
1af4b02dedace6f267d872b180a09868c139e652297bd7e4c1e363d26d57406a0df04ba7612da46d60d28ee653a111ec418bfe60129509adb539fb3becce20a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

Filesize
319B

MD5
cb95e06351985b4c6b90b41f3104a5f8

SHA1
67e4b1b63260416fbdd56635c522c03f5a536243

SHA256
2fad0b20810dbb403eefe95871679094b1a2a22d91669240f347484bc63a1c87

SHA512
2dade6389fc2a52619f068a8c454eabdefb42cbe89f3eef3f64c6c30a45733a5d5fcd8781eb4dceb3c30292c76d8a2e7aa33d6cb8d3333111005e91e494062ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
20KB

MD5
08b86f44c07ddcad33cbea769f59cd99

SHA1
4824b9170016cd17ebd9046eb41eda6844e09104

SHA256
b2e419dcffacaf557c4665fb6ca955991cabc7e2f9425a6aee4a854c818b5b09

SHA512
5e9aa70c31e4b2f8d7b0266c9cd931b92be49b6467d4cb19a0b67f9faa0a3e280e4ae0ecdebf45df58ddba4c36758643b34fe1aacd94b0f3afde986f29ff7b6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
192KB

MD5
e42aea9a16d89cebec8a4c01bd5bddf4

SHA1
739c24f31a2ac0eb50de3f5cd1c20a5ab61f1e4c

SHA256
2a440dae6fd3e27066bb50808e9269558ce10d70e49f1038dcd3478bed3cef5b

SHA512
8867105faac594c488cf7f0413553b25a358111acd50b1f003eccd42fab014b57a303070fcd54f8403a005caf13644be0c3ae4a51d7cea7e6deb8bee9b45c34c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

Filesize
5KB

MD5
8787330d5b19c4abdc0960a12ff70925

SHA1
d28d06a00a9268546b9623b06b04e72c7a5ee44a

SHA256
5940128aa4a468a6c7e55a32b1a0d691a5c0799045b580287d8a6a0e5c7eaf9d

SHA512
77c9fe38d5fb3171c9358582cdf756133505c94780a16acc366c4c07c3a92875dc04d068cea03954e31f194377f8dcd4c4a45a4b34aed2e08f9c33ef0bcef7ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

Filesize
334B

MD5
ca11f31a02766ed19231b8491f75fb78

SHA1
dc0c7f63424703386465231420ff6b9fcf2da1c5

SHA256
74c8d84dddba164d652c50bfde61abeda705967714ea693f9282ae2b6a0f8955

SHA512
592118aef601014ca187e38e483fe0cb4b52f31e1225ead504589011e88bc7e79366a4d5634e4776c59b3f2e71a5af93f56b7b0a0b4a12fc52942f03021e9f57

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\637cdde5-352d-44e4-bd45-a321b050b115.tmp

Filesize
3KB

MD5
1d08909b62e4186166931be928f05d6a

SHA1
a1a4314915d8704aaf1a5d7344aaff33006a6221

SHA256
088be22e4d1b8d72804a6a24498c5126869c8688edc9c0cb16c4075ce75ba2e7

SHA512
bc8571252d375ab4a6c04657cdd380f9aa033b6ae122f4a861004ce8554fd01a3c24f637929e9890ba96015b5c86b0d2880cfd86ebc02d3e8fc1f29a23ffa75a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

Filesize
20KB

MD5
55d1f4028fd6664537086f89a20481d6

SHA1
621be87867b8dd70c8eb8f8c1060be5423ff1a36

SHA256
6ad7c3d9e48d7e41db8baad095d9bf60f75e1e5b3c4053a061cccff25c0ecf98

SHA512
5f894c6737694995abadfc4d7798f6b7ee45e8f12b6c7fcae248e43a84cbd43df4c17ff95f11ca6e7340cd9fc230064a9ee762932575a96477235fb3e1eef62a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d16db12346080d618c9e2373f04aed0c

SHA1
b715733801dfd1e4f9762b7d1453b7100613634c

SHA256
6a1eec455e6d14c7f12f6ecae6a350ea136fd425da2533680b3f76621cc91a88

SHA512
0593f641ad827c6a04588c5ede12c0f750092d438d84da19092d5347ba36a144fe5cf1f627d9fc90303dfe58f8a656aaef9b07205dc559fb43fe2ebc9a69f381

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
a6bf5e2914e31194a981f45fe231c768

SHA1
dfd0d72bda06a6bfe357ec3a2a93011183320e25

SHA256
0fa95d83077497121dddbbec0348a03fe90eb5cd681f470a39a591eab16064b6

SHA512
87d58ef3472de4f683370de4774890e0c05a61bef363ab6d3a96b43aab87d3e6878035a0efd241cb2dc35514ff3a4e9cbd0946f6cefc666ee14fccecdac1960f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries

Filesize
40B

MD5
20d4b8fa017a12a108c87f540836e250

SHA1
1ac617fac131262b6d3ce1f52f5907e31d5f6f00

SHA256
6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d

SHA512
507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
ab4991f5c63afc2b23d56ff05b640456

SHA1
1f69c70f47927528210abd1f3ea21eaf4e6fac31

SHA256
3df43df12a06235ba4d26e1979f86918cb5e25d42cd0f84e5e2e74aa26515d53

SHA512
d2b333228096732ff5552c0fb0afdc7e15d67a79f0127622fcb669b84e1054ed20e01d118ad750f7ffe89e332c34bbcde2ad2d353ecce62e7803fa741649ef6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
44f160387d311003654217c4bf6f43fc

SHA1
18c254decbe34dbcd442b37428db9236f9e73137

SHA256
064938b8c93205c1e4ab510f52971271b85f8fbc9006aecc8abf7b48fbe230ae

SHA512
74d1a0db909c3be4b4c58019271b77affd8b3106b74750f45736e0cc39987c5a7a8e597ee9bc3b663784d33d84bc402a549e7f71819857796cb9a541e154bff2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
36KB

MD5
c7918a167c2b0539cdf43d896fe0b795

SHA1
f966a255a00bcb26871a0994eb438e0d6f82e630

SHA256
44d406a4163544c16d45decc6da494321a815fcd1400a4f4a8bd310cc3ab736b

SHA512
4f6425a039ba489eab290be9545d107ad72472c02f4e025f4fe6648115e75227498308c8a677f7216dca1327592e4ac0dd155725a057f5d83af4c366fdaa41bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

Filesize
338B

MD5
21a1d5f433b0eece762cb7278b89ce01

SHA1
efde7fcc4fbbee3d4190298e513c25105466e4d9

SHA256
241ef9b1afe0c1be4088c209f737ed04d2a9b9f79138ff172313415beca91afd

SHA512
6114cb2dcad1ca774ef319f9dc1bece08a61dfb84e76677b31af528398d5ed605b60c4ac4973500b50ba7b96d7b10a729a025ceeae4075499ffcf1c26a2f681f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

Filesize
347B

MD5
4b8298726f0603ba3b59f777932d4039

SHA1
585ea96b8e64f06d643f0b552bd3dc7f7c732009

SHA256
0ac790775457602224846a1dfb3d18db4a79c210e2473dfa66edaf4acc637199

SHA512
6103250a0c8edb8b0642f7c6fefd8c93b8e17ddd9eb76fd17b986e773c100f97f399226664076a441192163b9b0ca0f7a932b6fd57dfe58e8946dc4402cded1e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

Filesize
323B

MD5
6cecb43bf377956d85d035048855b71c

SHA1
22c7161d83a3e357d90c8defa8866f3835755935

SHA256
51116d8bbed9cf83c81114e9e548efc77264677a5fb24b2e1ed517ddcfcb48c2

SHA512
8e95baeda5bc7b3afc6d26beb24ed61620ca2350b41057410b39381db01cf2fa6fe571b63bdc118fd0317d076e7f7da43361e2039163bd46a774ba8e3c9d578f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log

Filesize
23KB

MD5
8d362862e0797ca1ea0aa3e7ba97e260

SHA1
f6a6db1ee0fe83f22ae30b0462d81db0c9f88b16

SHA256
563090a2d612556a3c41c474242ab5fe7329d18e4fd33a28ce94a982963324e5

SHA512
e8310d3a4fbac2c3078a2b1b1bc03706d221c764fa11b84a2be9e69fa96fad02f7a8cf7aa995db9319c21cae5b6212313c728af85702d719213f26142aa388e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
20ed9e91d95435515729e1beae28a651

SHA1
049fd10a453995d6becda4e40ec006462841e598

SHA256
79bd6d811457fefb5e408b075bdfe64643a9c366bc52890b92345e31d1c7b3ec

SHA512
77b28bdbdd22321c80aad7d787c99dd5b185f4ae67cf08401843319b079cfc6b6333269c5e7df23d4e68dec81fec63dd41e256573aafea59662fe82225019637

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
228KB

MD5
0645d07810e180e42ad91ca0ed134a1b

SHA1
d8b9f43f46ddf8a08f46a55d9b31bd1569ff8abd

SHA256
42d05dc83c3e57f15d0431eca0b4e92165eeb12c66556b8a129edeb8e4a56eaa

SHA512
ec78becf95793dcb76aa7c7a40349844d63cc58c49413e60966f70ccee34c907265a2ae277fa919c1e68492a1e374579ad9ba976387589dbaabe9a5e3f7834be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json

Filesize
12KB

MD5
18261eb12378081f939fb9415ca0c9e1

SHA1
20d4ff782e17fe45e71c3f9fc60a94655f72ec7c

SHA256
12bbeec9a0af9e3ed945b28b9b8ef89b2f897768d1ba3ffd6f3fbb42fa5bc556

SHA512
fef634b4ce77c2f36ce1bdd63e8ac28e76cd089f0bff33f4425c757ddf37fe9fab30dea7b5bb51c91eb27012cf78800e03643e13d51a25bf624ce58ab3488a80

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

Filesize
319B

MD5
1a74bacbf3cfb6f6cc19d4ee24b017d9

SHA1
3180554c40c8b77c66a234b2de0831bbaa09b5ef

SHA256
6ba67818c438de0bbb8f4e370de40a4385e92531ead6dfb389ba2d0f2917244b

SHA512
ba2c5c45ae9c197068696036b390c7f0ed6b83797c25aafd647b137fa750b52868eb796b89e16abc3a06cb8dab5687f372efc8b22996b1085bb9c23afe14376e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

Filesize
1KB

MD5
26002c2afb4b06237f6ef1ab235eff49

SHA1
6584dd46df0c71988ddeee037843f2ef5e1cd3ae

SHA256
dd4bdf3c0be3b9dc3cd987d89cbb829508c5a0fdd6e912777489cf4395eb6241

SHA512
7bc4d92341fd1a360d0311ca734d5b148dd5ad1fab26b47b6a3c682bd065742ee7336a5eb2e70f04fabd4be38f9a89ff51a70fc777c12ac3a14e785db3bfd35a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

Filesize
337B

MD5
7964839126361907620697fc66ba81c8

SHA1
0bfa1c88637eaf957118f3b8a2f361bf5ef1bb57

SHA256
d2fcc033d53d4563e2c85ed6312d2364f8ab6179a2c68100f0d25fc008bdecef

SHA512
9e528e1f94e9a97fdc7c6aef86078b61f13b47023f662a3dbb15a397b90b81393518c7c6310ccf4420467349adfb1c18f091fe467e1deafe5ccddcf60b11084f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
23KB

MD5
79d8c90db84ce39f7d19fcba1f5e295b

SHA1
045b928854cf20aeab9815fb0c037dbccd49e8ae

SHA256
f4439cd52b6e1edf7376d226c56b2bc650f4fd083c863fbe0e5db49d19b194c2

SHA512
da077d002b69463f22e21ccf9eccf25d814deaa6f23e518b3d6db8171403ab0987670f4a904ed68450bb057ff9048121e4ef6cd1d37442229d8e2faa6a620bba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
900B

MD5
d9db5939c8c9b586a30f8ff159ebb22c

SHA1
ad6a2f391bc1ba151ccce509ae47f8531a364b42

SHA256
4bec71be76b488bfa1f62ec4b6628c03cddc10616f73f49144ea18c98c404b3a

SHA512
4fb96c30582ed3587719f02cc48dd8c65992dc07c9fadcc074ec5b5700bb3d02ba3dd87f3e8760a704de815e0c52e31833744b3663c4a819c35209b9dc3be1c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog

Filesize
467B

MD5
05cc86c88751f0566ef1e98f015d2e23

SHA1
f789aa1103249b9d9071f83d89b5dacdf887885b

SHA256
6d29c438826b75ee43026425764859928ecf6871bc8089a957a3bd6fa7e7d45c

SHA512
eaa4c302501d64424f5eb1029c3bb722d2ee341ab9987e279682f4569332fa546c0e30c2edf113e4f3d47d497b4075f1c13a22b2ce2f969bc44eda048c5b99ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig

Filesize
19KB

MD5
41c1930548d8b99ff1dbb64ba7fecb3d

SHA1
d8acfeaf7c74e2b289be37687f886f50c01d4f2f

SHA256
16cee17a989167242dd7ee2755721e357dd23bcfcb61f5789cc19deafe7ca502

SHA512
a684d61324c71ac15f3a907788ab2150f61e7e2b2bf13ca08c14e9822b22336d0d45d9ff2a2a145aa7321d28d6b71408f9515131f8a1bd9f4927b105e6471b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

Filesize
44KB

MD5
e3e26ee1eacee79d5277d560eb6566fa

SHA1
989b807c7a9257462545d2ac1909268d63cdf112

SHA256
e9267c412814095c8f45fff99451ffd8289d7967eca1cf09532e7a5e9c966721

SHA512
56c0d3eab9d9fe78fa5a3fac328d0ffc133af15802388e44656c229833f1868714162b6f79cc11dcafa40259419fd7f23791e28862361236e31dfcf022085334

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

Filesize
264KB

MD5
2f9396bbeea9d361481a17753ea4f883

SHA1
a4bde5756e4e3f1aadefe0a69ffa5e8bdea72114

SHA256
99149156e59f72019203cdc10786731326bc7a819af9b66eed26389aa959e572

SHA512
42cc3e739ddc70e8766e0f5ea6c43cfd16701268ef970a9627875448e9764b82db5dba2e12997c95fc93413e29d5d4405e0f34f68b3356d4f94dbbd85c2efb75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

Filesize
4.0MB

MD5
8fe3e8217a452c0eb58d1fdd3303da19

SHA1
60eb252fc9d759354145d4c97e2c73b7bce8e429

SHA256
c629841d93b4605215b20d4a7ba3cc0d991e7faa6622fedf9662a23806f6e886

SHA512
d2d1a8927f8c80748dd7d51cbae9317bbe14c1b583642ee1cb6acf49709d1634987ab0d444b14de8087cecc0fd05d0b6d7b8b36a8eaca757666d084f2b1b586d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

Filesize
264KB

MD5
a260f3f1b102d4b8c94efb14ace52a92

SHA1
7b1e4f4db5ee3c535532eb7053928f8a6c99abe8

SHA256
6c6d0a74f1d0807d0f2d782f478b83a439ee91736a9b5a0ee7ea39c596c30e62

SHA512
373b763ffbf38a261779a8d8bbf8ac326dc0d7b0dcaa3dc563fa1942a65a1507b0f32d472c9f9fe8daa75e46b6ef301b8d0d0853c1894941cefa1f42236c8fa8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
13B

MD5
3e45022839c8def44fd96e24f29a9f4b

SHA1
c798352b5a0860f8edfd5c1589cf6e5842c5c226

SHA256
01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd

SHA512
2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
47KB

MD5
a00e401e7314bc59f792e52c1562cdc1

SHA1
6a767666309e141d568bde0c085f014f470d52ab

SHA256
b7caff9f6a8535fe4d7da02af37abe38199c3e8a9216602a3a13edd64992f369

SHA512
344c7b265d1c8cbddb8aa5d2efbc3ef89e584ef271f768f093ea39f0c3a172a733388fa52c20251510615df6523cebc8c8ab8ecf3cd166dcd11b36b41bbcf057

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
50KB

MD5
b3c65e73994430f499155007ecdee644

SHA1
51cd65bc8b9d48a3ffdafec45530fbb2558792ea

SHA256
a15b922ed2d9e152089db73c4df042e814ff05f32ec4da16005685a432ce5f60

SHA512
fd8f2c91d6f91d7daf5e1f9cf68aaaf1b3d0423f7ef9b6e2d57ac870ae5a280e59ab24aa9af7223025311904dc12384a7db8b39e7432965b91482a0bee673337

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
55KB

MD5
a2d54ed5f4794cdee66787aa4b5062f3

SHA1
1fb87b64bac33eea066caa9939385e4cc9e8a03b

SHA256
2f61ed922b7279456abf0b6d3d3c844650d5077492c44230bc00d73bea3c20f2

SHA512
6757f74590fabd4ca53d4848cd2fa2792084c4349c7d02f8892b43d08f5d02af077464208099b364a2295338b84be9f18f0f80cff80c23ffabfdae767a36667f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
41KB

MD5
38a8df234b1a6b9af7e8e59e83c4c0a3

SHA1
513932489d4df5769ed90cac11fce63be0f1aaf1

SHA256
a50ae39360176b4c86030112391448df2e7fa88564b8766de0a9bc286a50b94f

SHA512
8627bb58ffaa17b780e1a2cfdd14aabdc45a5e7ae88d4cd99790c4f932887f36cacd0bc336bf892d9a1671262b8d47af8735cd123bc581e6f8bb6a9ceaf1af40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
47KB

MD5
fc2c24a13c4f6f99a9de57e4a05bdcd3

SHA1
ce9d5da19cd4c47a3c4e590ce5a58569cdb8601d

SHA256
ad2db2a0612f629fd13a8164780932d533c50183f1c6bc44ef70a351fd57546d

SHA512
24ea5d7043b7e8a25df5fb84ac4f555209a38a0e00463724e2ab4ec77bba102d89d613f43cc4c8c9a55b997546914ffcfd79e2e7ce8dec2dacc0321ace8b0c8c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

Filesize
264KB

MD5
8ce1b13154ca01320956e159873846bb

SHA1
37c84a9f4f31eb825f137e35848d16a0f5c5c421

SHA256
a14a023f60e642dd46db3c5ec93c714eb54b09fd7358631c0c3cd48679e77b1a

SHA512
25a67804ebd0b28dcb41ee5c8c96318c0decf1fdc1b2419447d8b559bbe83dab2e60280f828f1d8115731ff3523f4c099229db4c4231211ed5e64934cef93c3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\TrustTokenKeyCommitments\2025.1.17.1\keys.json

Filesize
6KB

MD5
bef4f9f856321c6dccb47a61f605e823

SHA1
8e60af5b17ed70db0505d7e1647a8bc9f7612939

SHA256
fd1847df25032c4eef34e045ba0333f9bd3cb38c14344f1c01b48f61f0cfd5c5

SHA512
bdec3e243a6f39bfea4130c85b162ea00a4974c6057cd06a05348ac54517201bbf595fcc7c22a4ab2c16212c6009f58df7445c40c82722ab4fa1c8d49d39755c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\extensions_crx_cache\ghbmnnjooekpmoecnnnilnnbdlolhkhi_1.fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

Filesize
152KB

MD5
dd9bf8448d3ddcfd067967f01e8bf6d7

SHA1
d7829475b2bd6a3baa8fabfaf39af57c6439b35e

SHA256
fa2232917a5656ea4f811936561ea6b7c92b3c0004c5e08ecb97636d3afc6f72

SHA512
65347df34378c2bbb34417e2cccfb3251a0b2412422cc190eed9df525b6e0a9948e0295ea3c33b3ad873ce81e369e89a138ac41d6eb7229546c3269107e661de

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

Filesize
2KB

MD5
b675ed4354de5bc486e1a86592300462

SHA1
2de9322c62bf80e078fe951574653794b3ac5861

SHA256
a2459a3f75e9d33b6047d0e781c5a7664c47d800b2c1446442af258b3e0b9929

SHA512
d4bdb02e2000959e5c70c4c135c02f4413d0f3dd4a63016d5af61a1a4aa163b41834b0ec43d8daffc592949bdb45c9d4f312ad0502f2c80a9955e429d96b1ced

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\8b0d4544beb97a69dbb9583fca5575a9aba6e37d.tbres

Filesize
2KB

MD5
8125519401ded3d7bc322f497b812337

SHA1
a069d1d0ae21989327eb5e6d815e435c996170d1

SHA256
81a7c089342fe1f37f48351ac2c7f7a967ea409ed9f8d6b0375b4f24fcedfb24

SHA512
dcfd921841c840f79d23282727faa4c6b718f0d3f16bc6c9fcf6211894f59c88b159615a3943aacc05042e06fef221104b65aa5d181641cd873e2ef3f31abb44

Download Submit
C:\Users\Admin\AppData\Local\MinecraftInstaller\deviceId.txt

Filesize
36B

MD5
ff7e1a42ce3a7ef69e8019b5c367be51

SHA1
652f2ec7a4b6df5d5f7bf50c7e16f85f1d7e5a31

SHA256
8c13fa58dd8e8fbf27dfc8e297006a37b497fddc4680b9a5351944a1517cdcba

SHA512
6961f647ae55f91271488370e2a1e92d74982471ab9c154471820dbe2bb4ba702d518d60d6e54a2fb83a162a55631837941707ceea2e3cd4c7dc60f0adf4afbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\GamingRepair.exe

Filesize
565KB

MD5
debca559478b491bd58c4594657f4216

SHA1
b9b760b8dc7b969f1ce9a5fedd8f7441a55e6e22

SHA256
6de332811fc74b85637326edb00a03c7c8687f7ef5c73fecaee870e037dcc0da

SHA512
1af6215f5d2dbfbf52cc444d8b34d2fcd55a0c2c6c4c4ecf3e95c492157f03c94af66f7d4e607f1e47e3fb7845118db8841d7eb232acd34ed777751e94033cb9

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_txyjswgg.cr0.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\c90bc91f-cc3e-4e6a-b028-cfb612c4666d.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2416_1332679010\CRX_INSTALL\_locales\en\messages.json

Filesize
711B

MD5
558659936250e03cc14b60ebf648aa09

SHA1
32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

SHA256
2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

SHA512
1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2416_1332679010\CRX_INSTALL\_locales\en_US\messages.json

Filesize
1KB

MD5
64eaeb92cb15bf128429c2354ef22977

SHA1
45ec549acaa1fda7c664d3906835ced6295ee752

SHA256
4f70eca8e28541855a11ec7a4e6b3bc6dd16c672ff9b596ecfb7715bb3b5898c

SHA512
f63ee02159812146eee84c4eb2034edfc2858a287119cc34a8b38c309c1b98953e14ca1ca6304d6b32b715754b15ba1b3aa4b46976631b5944d50581b2f49def

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2416_1332679010\CRX_INSTALL\dasherSettingSchema.json

Filesize
854B

MD5
4ec1df2da46182103d2ffc3b92d20ca5

SHA1
fb9d1ba3710cf31a87165317c6edc110e98994ce

SHA256
6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

SHA512
939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir2416_1332679010\CRX_INSTALL\manifest.json

Filesize
1KB

MD5
2a738ca67be8dd698c70974c9d4bb21b

SHA1
45a4086c876d276954ffce187af2ebe3dc667b5f

SHA256
b08d566a5705247ddc9abf5e970fc93034970b02cf4cb3d5ccc90e1a1f8c816e

SHA512
f72b9190f9f2b1acc52f7fbb920d48797a96e62dfc0659c418edbbc0299dccf1931f6c508b86c940b976016745b9877f88f2ee081d3e3d5dcdcc2cc7e7884492

Download Submit
C:\Users\Admin\Downloads\MinecraftInstaller.exe

Filesize
32.3MB

MD5
e4deb3624e6d89f5f6ef22fedacc3f9a

SHA1
e0919c595923082f6ccf00fdd1fde3fca2d0c338

SHA256
e7b0b17e1ea03055fea83b1e6c7da387eb64ba064268140e3b33f1a15ee77eb7

SHA512
68a7304b531fa49998a0368c7d731549b155ca793237140b53dd9d190b7581c066f02f35bcdcd12e4bfbaae2ef560b1d75ec7a6d14fa3daa3a28b29dea0c3547

Download Submit
C:\Windows\Temp\SDIAG_081a46d3-4208-4542-b337-1e285265215b\DiagPackage.dll

Filesize
77KB

MD5
fc7504df42668c2918657d1b9a3102c9

SHA1
5f9a70a31678e2e8b9a10849ea8657702d0cb53d

SHA256
159c4d4621f4ce1f4da14246401d85a00b40c0090fd0b2640446a896127ac646

SHA512
c844f9e5ba72eddc6aca73e09214bf8372ee5676124077983b78b10b9830a5e5eabd9c9fff2650858836f995ea79b1f0502609a428797b838ac7cda3f627c0da

Download Submit
C:\Windows\Temp\SDIAG_081a46d3-4208-4542-b337-1e285265215b\en-US\DiagPackage.dll.mui

Filesize
4KB

MD5
2ad9d1abe41ad048186f196b58fd8e9a

SHA1
d9c66f6ef89ad126ef2bbb36e0bcf6fc8a0e34af

SHA256
9b9acb69e01f79160d368cdcd8a4dc81f18da6398f920b6f663938171f5f718c

SHA512
4c4e1e5bbe173dfd37c65fff64a029883b2f719a360a9f5ee0772b304a518839605528b97b1ac0319b79a6d7f284767ad6c04b3b769559e2b14600c467947d61

Download Submit
C:\Windows\Temp\SDIAG_2b7a7b21-821d-47bd-b67d-c80b57823f26\DiagPackage.dll

Filesize
77KB

MD5
458bc0d439cb0d955120ae319c6ed91b

SHA1
b8899daffcbf912462d7e089d126d664c1a40216

SHA256
9454ec899ff78ff14c4c5137ba23d99dfaba079c629afd790640d0f07724201c

SHA512
fda4a2641db70fabc10d73dc28dc13f3b85140a382e032fa7a46abd5eb72e076f96794ccbc0f344a0cc88222fe27ee527a3587eed286e3e3db338824950369c0

Download Submit
C:\Windows\Temp\SDIAG_2b7a7b21-821d-47bd-b67d-c80b57823f26\en-US\DiagPackage.dll.mui

Filesize
6KB

MD5
84d58b706a4a16e582a140f72110b7f5

SHA1
bb7a3f254dde61f948417eabdc5a0883d102d873

SHA256
4b012aeaa40324691c6af926d5bb27409232fe8c484fd295d64925fc36f31060

SHA512
9f520c9d00586d9fb8a87b904d75616ca18b6dc3badd1db71ee85236a6bba459d56eee6ba29ae8cd2139fda8e5df961b232ad87a17fb4dbe61dd4422d804c508

Download Submit
C:\Windows\Temp\SDIAG_b973ab96-2ac8-4df0-b9c6-fe40878009d9\DiagPackage.dll

Filesize
478KB

MD5
580dc3658fa3fe42c41c99c52a9ce6b0

SHA1
3c4be12c6e3679a6c2267f88363bbd0e6e00cac5

SHA256
5b7aa413e4a64679c550c77e6599a1c940ee947cbdf77d310e142a07a237aad2

SHA512
68c52cd7b762b8f5d2f546092ed9c4316924fa04bd3ab748ab99541a8b4e7d9aec70acf5c9594d1457ad3a2f207d0c189ec58421d4352ddbc7eae453324d13f2

Download Submit
C:\Windows\Temp\SDIAG_b973ab96-2ac8-4df0-b9c6-fe40878009d9\en-US\DiagPackage.dll.mui

Filesize
17KB

MD5
44c4385447d4fa46b407fc47c8a467d0

SHA1
41e4e0e83b74943f5c41648f263b832419c05256

SHA256
8be175e8fbdae0dade54830fece6c6980d1345dbeb4a06c07f7efdb1152743f4

SHA512
191cd534e85323a4cd9649a1fc372312ed4a600f6252dffc4435793650f9dd40d0c0e615ba5eb9aa437a58af334146aac7c0ba08e0a1bf24ec4837a40f966005

Download Submit
memory/1884-3371-0x0000028DABEB0000-0x0000028DABED2000-memory.dmp

Filesize
136KB

Download
memory/6432-2753-0x0000000000EA0000-0x0000000002EF8000-memory.dmp

Filesize
32.3MB

Download
memory/6432-2797-0x000000000BA30000-0x000000000BA56000-memory.dmp

Filesize
152KB

Download
memory/6432-2796-0x0000000008470000-0x000000000847A000-memory.dmp

Filesize
40KB

Download
memory/6432-2768-0x000000000BC00000-0x000000000BC38000-memory.dmp

Filesize
224KB

Download
memory/6432-2769-0x000000000BBC0000-0x000000000BBCE000-memory.dmp

Filesize
56KB

Download
memory/6432-2767-0x000000000B590000-0x000000000B598000-memory.dmp

Filesize
32KB

Download
memory/6432-2756-0x00000000088A0000-0x00000000088A8000-memory.dmp

Filesize
32KB

Download
memory/6432-2754-0x0000000007C40000-0x0000000007E02000-memory.dmp

Filesize
1.8MB

Download